SPLK-1001無料問題集「Splunk Core Certified User」

質問 1

When viewing results of a search job from the Activity menu, which of the following is displayed?

（A）The same events from when the original search was executed

（B）New events based on the current time range picker

（C）The same events based on the current time range picker

（D）New events in addition to the same events from the original search

正解：A 解答を投票する

質問 2

A field exists in search results, but isn't being displayed in the fields sidebar. How can it be added to the fields sidebar?

（A）This scenario isn't possible because all fields returned from a search always appear in the fields sidebar.

（B）Click Interesting Fields and select the field to add it to Selected Fields.

（C）Click All Fields and select the field to add it to Selected Fields.

（D）Click Selected Fields and select the field to add it to Interesting Fields.

正解：C 解答を投票する

質問 3

Field names are case sensitive.

（A）False

（B）True

正解：B 解答を投票する

質問 4

Which of the following searches will return results where fail, 400, and error exist in every event?

（A）error AND (fail OR 400)

（B）error AND (fail AND 400)

（C）error OR fail OR 400

（D）error OR (fail and 400)

正解：A 解答を投票する

質問 5

In the fields sidebar, which character denotes alphanumeric field values?

（A）#

（B）a

（C）%

（D）a#

正解：C 解答を投票する

質問 6

Which of the following fields is stored with the events in the index?

（A）source

（B）user

（C）sourcelp

（D）location

正解：A 解答を投票する

質問 7

When placed early in a search, which command is most effective at reducing search execution time?

（A）dedup

（B）fields +

（C）sort -

（D）rename

正解：A 解答を投票する

質問 8

Which of the following can be used as wildcard search in Splunk?

（A）!

（B）>

（C）*

（D）=

正解：C 解答を投票する

質問 9

These users can create global knowledge objects. (Select all that apply.)

（A）users

（B）administrators

（C）power users

正解：B、C 解答を投票する

質問 10

Which of the following is a best practice when writing a search string?

（A）Include at least one function as this is a search requirement

（B）Include all formatting commands before any search terms

（C）Include the search terms at the beginning of the search string

（D）Avoid using formatting clauses as they add too much overhead

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

How many main user roles do you have in Splunk?

（A）3

（B）1

（C）4

（D）2

正解：A 解答を投票する

質問 12

At index time, in which field does Splunk store the timestamp value?

（A）timestamp

（B）_time

（C）EventTime

（D）time

正解：B 解答を投票する

質問 13

What can be included in the All Fields option in the sidebar?

（A）Field descriptions

（B）Metadata only

（C）Dashboards

（D）Non-interesting fields

正解：D 解答を投票する

質問 14

In the Search and Reporting app, which tab displays timecharts and bar charts?

（A）Events

（B）Visualization

（C）Patterns

（D）Statistics

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

SPLK-1001 無料問題集「Splunk Core Certified User」

弊社を連絡する

関連リンク

トップ試験