Question No. 1

In the Splunk interface, the list of alerts can be filtered based on which characteristics?

AApp, Owner, Severity, and Type

BApp, Owner, Priority, and Status

CApp, Dashboard, Severity, and Type

DApp, Time Window, Type, and Severity

Show Answer

Correct Answer: D

Question No. 2

Which search string is the most efficient?

A'failed password'

B''failed password'*

Cindex=* 'failed password'

Dindex=security 'failed password'

Show Answer

Correct Answer: D

Question No. 3

Which of the following can be used as wildcard search in Splunk?

A=

B>

C!

D*

Show Answer

Correct Answer: D

Question No. 4

Splunk internal fields contains general information about events and starts from underscore i.e. _ .

ATrue

BFalse

Show Answer

Correct Answer: A

Question No. 5

!= and NOT are same arguments.

ATrue

BFalse

Show Answer

Correct Answer: B

Free Splunk SPLK-1001 Exam Actual Questions