Dumps4free
Go Back on SPLK-1002 Exam
Available in 1, 3, 6 and 12 Months Free Updates Plans
PDF: $15 $60

Test Engine: $20 $80

PDF + Engine: $25 $99

SPLK-1002 Practice Test


Page 2 out of 26 Pages

Topic 1 : Main Questions

The Field Extractor (FX) is used to extract a custom field. A report can be created using this custom field. The
created report can then be shared with other people in the organization. If another person in the organization
runs the shared report and no results are returned, why might this be? (select all that apply)
Fast mode is enabled.
The dashboard is private.
The extraction is private-
The person in the organization running the report does not have access to the index.


A.

Fast mode is enabled.


B.

The dashboard is private.


C.

The extraction is private-


D.

The person in the organization running the report does not have access to the index





C.   

The extraction is private-



D.   

The person in the organization running the report does not have access to the index



Which of the following statements describes this search? 
sourcetype=access_combined I transaction JSESSIONID | timechart avg (duration


A.

This is a valid search and will display a timechart of the average duration, of each transaction event.


B.

This is a valid search and will display a stats table showing the maximum pause among transactions.


C.

No results will be returned because the transaction command must include the startswith and endswith
options.


D.

No results will be returned because the transaction command must be the last command used in the
search pipeline.





A.   

This is a valid search and will display a timechart of the average duration, of each transaction event.



Which of the following statements describes POST workflow actions?


A.

POST workflow actions are always encrypted.


B.

POST workflow actions cannot use field values in their URI.


C.

POST workflow actions cannot be created on custom sourcetypes.


D.

POST workflow actions can open a web page in either the same window or a new .





D.   

POST workflow actions can open a web page in either the same window or a new .



What do events in a transaction have In common?


A.

All events In a transaction must have the same timestamp.


B.

All events in a transaction must have the same sourcetype.


C.

All events in a transaction must have the exact same set of fields.


D.

All events in a transaction must be related by one or more fields.





B.   

All events in a transaction must have the same sourcetype.



What does the following search do?
index=condlog type=mysterymeat action=eaten I scats count as cornlog_count by us©:


A.

Creates a table of the total count of users and split by corndogs.


B.

Creates a table of the total count of mysterymeat corndogs split by user.


C.

Creates a table with the count of all types of corndogs eaten split by user.


D.

Creates a table that groups the total number of users by vegetarian corndogs





A.   

Creates a table of the total count of users and split by corndogs.




Page 2 out of 26 Pages
Previous