SPLK-1001試験無料問題集（245題）「Splunk Core Certified User 認定」

出題：1

Which of the following is the most efficient filter for running searches in Splunk?

A. Time

B. Fast mode

C. Selected Fields

D. Sourcetype

正解：A 解答を投票する

出題：2

Uploading local files though Upload options index the file only once.

A. No

B. Yes

正解：B 解答を投票する

出題：3

This function of the stats command allows you to return the sample standard deviation of a field.

A. dev

B. by standarddev

C. stdev

D. count deviation

正解：C 解答を投票する

出題：4

Splunk Components:
Which of the following are responsible for reducing search results?

A. forwarders

B. indexers

C. search heads

正解：B 解答を投票する

出題：5

This search will return 20 results. SEARCH: error | top host limit = 20

A. True

B. False

正解：A 解答を投票する

出題：6

Select the correct option that applies to Index time processing (Choose three.).

A. Settings

B. Indexing

C. Input

D. Parsing

E. Searching

正解：B,C,D 解答を投票する

出題：7

Fields are searchable key value pairs in your event data.

A. True

B. False

正解：A 解答を投票する

出題：8

Universal forwarder is recommended for forwarding the logs to indexers.

A. True

B. False

正解：A 解答を投票する

出題：9

What will always appear in the Selected Fields list?

A. sourcetype

B. clientip

C. action

D. index

正解：A 解答を投票する

出題：10

You are able to create new Index in Data Input settings.

A. No

B. Yes

正解：B 解答を投票する

出題：11

Query - status != 100:

A. Will return event where status field exist but value of that field is not 100.

B. Will return event where status field exist but value of that field is not 100 and all events where status field doesn't exist.

C. Will get different results depending on data

正解：A 解答を投票する

出題：12

When displaying results of a search, which of the following is true about line charts?

A. Line charts are optimal for multiple series with 3 or more columns.

B. Line charts are optimal for single series when using Fast mode.

C. Line charts are optimal for multiseries searches with at least 2 or more columns.

D. Line charts are optimal for single and multiple series.

正解：A 解答を投票する

出題：13

What are the steps to schedule a report?

A. After saving the report, click Scheduling.

B. After saving the report, click Event Type.

C. After saving the report, click Dashboard Panel.

D. After saving the report, click Schedule.

正解：D 解答を投票する

出題：14

What are the two most efficient search filters?

A. index and sourcetype

B. host and sourcetype

C. _time and host

D. _time and index

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

SPLK-1001試験無料問題集「Splunk Core Certified User 認定」