28% OFF Automatically For You
Splunk Core Certified Power User
1.Which of the following eval command function is valid?
A. Int ()
B. Count ( )
C. Print ()
D. Tostring ()
2.Which of the following statements describes POST workflow actions?
A. POST workflow actions are always encrypted.
B. POST workflow actions cannot use field values in their URI.
C. POST workflow actions cannot be created on custom sourcetypes.
D. POST workflow actions can open a web page in either the same window or a new .
3.Which of the following statements describe the search string below?
| datamodel Application_State All_Application_State search
A. Events will be returned from dataset named Application_state.
B. Events will be returned from the data model named Application_State.
C. Events will be returned from the data model named All_Application_state.
D. No events will be returned because the pipe should occur after the datamodel
4.Which of the following statements describe the search below? (select all that apply)
Index=main I transaction clientip host maxspan=30s maxpause=5s
A. Events in the transaction occurred within 5 seconds.
B. It groups events that share the same clientip and host.
C. The first and last events are no more than 5 seconds apart.
D. The first and last events are no more than 30 seconds apart.
5.To identify all of the contributing events within a transaction that contains at least
one REJECT event, which syntax is correct?
A. Index-main | REJECT trans sessionid
B. Index-main | transaction sessionid | search REJECT
C. Index=main | transaction sessionid | whose transaction=reject
D. Index=main | transaction sessionid | where transaction=reject’’
6.Which of the following describes the Splunk Common Information Model (CIM) add-
A. The CIM add-on uses machine learning to normalize data.
B. The CIM add-on contains dashboards that show how to map data.
C. The CIM add-on contains data models to help you normalize