[2022年03月04日] 完全版最新の問題集でPDFで最新SPLK-1002試験問題と解答
無料で使えるSPLK-1002試験問題集で100%合格できる試験簡単に合格させるGoShiken
質問 69
Which of the following knowledge objects represents the output of an oval expression?
- A. Field extractions
- B. Eval fields
- C. Calculated fields
- D. Calculated lookups
正解: C
解説:
Reference:
https://docs.splunk.com/Splexicon:Calculatedfield
質問 70
Which of the following searches would return a report of sales by product-name?
- A. stats sum(price) as sales over product_name
- B. chart sales by product_name
- C. timechart list(sales), values(product_name)
- D. chart sum(price) as sales by product_name
正解: D
解説:
Explanation
https://docs.splunk.com/Documentation/Splunk/8.1.0/SearchReference/Chart
https://docs.splunk.com/Documentation/Splunk/8.1.0/SearchReference/Stats
質問 71
Which workflow action method can be used the action type is set to link?
- A. GET
- B. PUT
- C. UPDATE
- D. Search
正解: A
解説:
Explanation
https://docs.splunk.com/Documentation/Splunk/8.0.2/Knowledge/SetupaGETworkflowaction Define a GET workflow action Steps
* Navigate to Settings > Fields
* Click New to open up a new workflow action form.
* Define a Label for the action.
The Label field enables you to define the text that is displayed in either the field or event workflow menu.
Labels can be static or include the value of relevant fields.
* Determine whether the workflow action applies to specific fields or event types in your data.
Use Apply only to the following fields to identify one or more fields. When you identify fields, the workflow action only appears for events that have those fields, either in their event menu or field menus. If you leave it blank or enter an asterisk the action appears in menus for all fields.
Use Apply only to the following event types to identify one or more event types. If you identify an event type, the workflow action only appears in the event menus for events that belong to the event type.
* For Show action in determine whether you want the action to appear in the Event menu, the Fields menus, or Both.
* Set Action type to link.
* In URI provide a URI for the location of the external resource that you want to send your field values to.
Similar to the Label setting, when you declare the value of a field, you use the name of the field enclosed by dollar signs.
Variables passed in GET actions via URIs are automatically URL encoded during transmission. This means you can include values that have spaces between words or punctuation characters.
* Under Open link in, determine whether the workflow action displays in the current window or if it opens the link in a new window.
* Set the Link method to get
* Click Save to save your workflow action definition.
質問 72
Which of the following is NOT a stats function:
- A. count
- B. sum
- C. avg
- D. addtotals
正解: D
質問 73
Where are the results of eval commands stored?
- A. In a field.
- B. In an index.
- C. In a database.
- D. In a KV Store.
正解: A
解説:
Explanation
https://docs.splunk.com/Documentation/Splunk/8.0.2/SearchReference/Eval The eval command calculates an expression and puts the resulting value into a search results field.
* If the field name that you specify does not match a field in the output, a new field is added to the search results.
* If the field name that you specify matches a field name that already exists in the search results, the results of the eval expression overwrite the values in that field.
質問 74
Which of the following statements describe the search string below?
| datamodel Application_State All_Application_State search
- A. No events will be returned because the pipe should occur after the datamodel command
- B. Events will be returned from the data model named All_Application_state.
- C. Evenrches would return a report of sales by state.
- D. Events will be returned from the data model named Application_State.
正解: D
質問 75
Which of the following are valid options with the chart command ?(select all that apply)
- A. split=t
- B. transcation=t
- C. usenull=f
- D. useother=f
正解: B,C
質問 76
Given the macro definition below, what should be entered into the Name and Arguments fileds to correctly configured the macro?
- A. The macro name is sessiontracker and the arguments are $action$, $JESSIONID$.
- B. The macro name is sessiontracker and the arguments are action, JESSIONID.
- C. The macro name is sessiontracker(2) and the Arguments are $action$, $JESSIONID$.
- D. The macro name is sessiontracker(2) and the arguments are action, JESSIONID.
正解: D
質問 77
What will you learn from the results of the following search? sourcetype=cisco_esa | transaction mid, dcid, icid | timechart avg(duration)
- A. The average time between each transaction
- B. The average time elapsed during each transaction for all transactions
- C. The average time for each event within each transaction
正解: B
質問 78
When creating a Search workflow action, which field is required?
- A. An eval statement
- B. Data model name
- C. Permission setting
- D. Search string
正解: D
解説:
Reference:
https://docs.splunk.com/Documentation/Splunk/8.0.3/Knowledge/Setupasearchworkflowaction
質問 79
Which of the following statements describes POST workflow actions?
- A. POST workflow actions can be configured to send email to the URI location.
- B. POST workflow actions can be configured to send POST arguments to the URI location.
- C. Configuration of a POST workflow action includes choosing a sourcetype.
- D. By default, POST workflow action are shown in both the event and field menus.
正解: D
解説:
Reference:https://docs.splunk.com/Documentation/Splunk/8.0.3/Knowledge/SetupaPOSTworkflowaction
質問 80
To identify all of the contributing events within a transaction that contain at least one REJECTevent, which syntax is correct?
- A. index=main REJECT | transaction sessionid
- B. index=main | transaction sessionid | where transaction=reject
- C. index=main | transaction sessionid | search REJECT
- D. index=main | transaction sessionid | where transaction="REJECT*"
正解: C
解説:
Explanation/Reference:
質問 81
Which of the following searches show a valid use of macro? (Select all that apply)
- A. Option C
- B. Option D
- C. Option B
- D. Option A
正解: A,D
質問 82
These kinds of charts represent a series in a single bar with multiple sections
- A. Stacked
- B. Split-Series
- C. Multi-Series
- D. Omit nulls
正解: B
質問 83
Which of the following statements about data models and pivot are true? (select all that apply)
- A. They are both knowledge objects.
- B. Pivot allows the creation of data visualizations that present different aspects of a data model.
- C. Data models are created out of datasets called pivots.
- D. Pivot requires users to input SPL searches on data models.
正解: B
質問 84
What does the following search do?
index=condlog type=mysterymeat action=eaten I scats count as cornlog_count by us:
- A. Creates a table that groups the total number of users by vegetarian corndogs.
- B. Creates a table with the count of all types of corndogs eaten split by user.
- C. Creates a table of the total count of users and split by corndogs.
- D. Creates a table of the total count of mysterymeat corndogs split by user.
正解: C
質問 85
This is what Splunk uses to categorize the data that is being indexed.
- A. Host
- B. Sourcetype
- C. Source
- D. Index
正解: B
質問 86
When should transaction be used?
- A. When calculating results from one or more fields.
- B. When event grouping is based on start/end values.
- C. Only in a large distributed Splunk environment.
- D. When grouping events results in over 1000 events in each group.
正解: A
解説:
Reference:
https://docs.splunk.com/Documentation/Splunk/8.0.3/Search/Abouttransactions
質問 87
......
Splunk SPLK-1002 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
無料で試せるSPLK-1002試験問題SPLK-1002実際の無料試験問題:https://www.goshiken.com/Splunk/SPLK-1002-mondaishu.html
検証済みのSPLK-1002問題集と179格別な問題:https://drive.google.com/open?id=1duWZ6FWJWkssX5wuq98vUfhVPjZY1xAT