SPLK-1001試験無料問題集（245題）「Splunk Core Certified User 認定」

出題：1

According to Splunk best practices, which placement of the wildcard results in the most efficient search?

A. *fail

B. fail*

C. f*il

D. *fail*

正解：B 解答を投票する

出題：2

Splunk Enterprise is used as a Scalable service in Splunk Cloud.

A. True

B. False

正解：A 解答を投票する

出題：3

Beginning parentheses is automatically highlighted to guide you on the presence of complimenting parentheses.

A. No

B. Yes

正解：B 解答を投票する

出題：4

Splunk extracts fields from event data at index time and at search time.

A. True

B. False

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Splunk Parses data into individual events, extracts time, and assigns metadata.

A. True

B. False

正解：A 解答を投票する

出題：6

Field values are case sensitive.

A. True

B. False

正解：B 解答を投票する

出題：7

Which of the following represents the Splunk recommended naming convention for dashboards?

A. Description_Group_Object

B. Object_Group_Description

C. Group_Description_Object

D. Group_Object_Description

正解：D 解答を投票する

出題：8

What is the correct way to use a time range specifier in the search bar so that the search looks back 2 hours?

A. latest=-2hour@d

B. earliest=-2h

C. earliest=-2hour@d

D. latest=-2h

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

A field exists in search results, but isn't being displayed in the fields sidebar. How can it be added to the fields sidebar?

A. Click All Fields and select the field to add it to Selected Fields.

B. Click Interesting Fields and select the field to add it to Selected Fields.

C. Click Selected Fields and select the field to add it to Interesting Fields.

D. This scenario isn't possible because all fields returned from a search always appear in the fields sidebar.

正解：A 解答を投票する

出題：10

@ Symbol can be used in advanced time unit option.

A. No

B. Yes

正解：B 解答を投票する

出題：11

Which search string matches only events with the status_code of 4:4?

A. status code>403 status_code<405

B. status_code !=404

C. status_code>=400

D. status_code<=404

正解：A 解答を投票する

出題：12

How can search results be kept longer than 7 days?

A. By changing the job settings.

B. By scheduling a report.

C. By changing the time range picker to more than 7 days.

D. By creating a link to the job.

正解：B 解答を投票する

SPLK-1001試験無料問題集「Splunk Core Certified User 認定」