SPLK-1002試験無料問題集（259題）「Splunk Core Certified Power User 認定」

出題：1

We can use the rename command to _____ (Select all that apply.)

A. Extract new fields from our data using regular expressions

B. Exclude fields from our search results

C. Give a field a new name at search time

D. Change indexed fields

出題：2

Data model fields can be added using the Auto-Extracted method. Which of the following statements describe Auto-Extracted fields? (select all that apply)

A. Auto-Extracted fields can be added if they already exist in the dataset with constraints.

B. Auto-Extracted fields can be hidden in Pivot.

C. Auto-Extracted fields can have their data type changed.

D. Auto-Extracted fields can be given a friendly name for use in Pivot.

正解：A,B,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

What does the fillnull command replace null values with, if the value argument is not specified?

A. N/A

B. NULL

C. 0

D. NaN

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Given the macro definition below, what should be entered into the Name and Arguments fileds to correctly configured the macro?

A. The macro name is sessiontracker and the arguments are action, JESSIONID.

B. The macro name is sessiontracker and the arguments are $action$, $JESSIONID$.

C. The macro name is sessiontracker(2) and the arguments are action, JESSIONID.

D. The macro name is sessiontracker(2) and the Arguments are $action$, $JESSIONID$.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Based on the macro definition shown below, what is the correct way to execute the macro in a search string?

A. Convert_sales (euro, €, .79)

B. Convert_sales ($euro,$€$,s79$

C. Convert_sales ($euro, $€$,S,79$)

D. Convert_sales (euro, €, 79)"

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

When using the transaction command, what does the argument maxspan do?

A. Sets the maximum total time between events in a transaction.

B. Sets the maximum length of all events within a transaction.

C. Sets the maximum length that any single event can reach to be included in the transaction.

D. Sets the maximum total time between the earliest and latest events in a transaction.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

When using timechart, how many fields can be listed after a by clause?

A. because timechart doesn't support using a by clause.

B. because _time is already implied as the x-axis.

C. because one field would represent the x-axis and the other would represent the y-axis.

D. There is no limit specific to timechart.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Which delimiters can the Field Extractor (FX) detect? (select all that apply)

A. Tabs

B. Spaces

C. Commas

D. Pipes

正解：B,C,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Selected fields are displayed ______each event in the search results.

A. other fields

B. interesting fields

C. above

D. below

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

Which of the following eval commands will provide a new value for host from src if it exists?

A. | eval host = if (NOT src = host, src, host)

B. | eval host = if (isnu11 (src), src, host)

C. | eval host = if (isnotnull (src), src, host)

D. | eval host = if (src = host, src, host)

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

There are several ways to access the field extractor. Which option automatically identifies data type, source type, and sample event?

A. Fields sidebar > Extract New Field

B. Settings > Field Extractions > Open Field Extraction

C. Settings > Field Extractions > New Field Extraction

D. Event Actions > Extract Fields

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

When can a pipe follow a macro?

A. A pipe may always follow a macro.

B. Only when sharing is set to global for the macro.

C. The current user must own the macro.

D. The macro must be defined in the current app.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

Which of the following knowledge objects represents the output of an eval expression?

A. Eval fields

B. Calculated fields

C. Calculated lookups

D. Field extractions

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：14

Which of the following statements describe calculated fields? (select all that apply)

A. Calculated fields can be used in the search bar.

B. Calculated fields can only be applied to host and sourcetype.

C. Calculated fields are shortcuts for performing calculations using the eval command.

D. Calculated fields can be based on an extracted field.

正解：A,C,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：15

The macro weekly_sales (2) contains the search string:
index=games | eval ProductSales = $Price$ * $AmountSold$
Which of the following will return results?

A. 'weekly sales (3.99, 10)'

B. 'weekly_sales($3.995, $108)'

C. 'weekly sales (3)'

D. 'weekly_sales (3.99, 10)'

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：16

This function of the stats command allows you to identify the number of values a field has.

A. count

B. distinct_count

C. max

D. fields

正解：A 解答を投票する

SPLK-1002試験無料問題集「Splunk Core Certified Power User 認定」