SPLUNK

Splunk correct answer: Aggregate, analyze, and get answers from your machine data Splunk can index ____ data from ANY source. correct answer: ANY Sources correct answer: Computers Network devices Virtual machines Internet devices Communication devices Sensors Databases Logs Configurations Messages Call detail records Clickstream Alerts Metrics Scripts Changes Tickets How is Splunk deployed? correct answer: Splunk Enterprise, Splunk Cloud, Splunk Light Splunk Enter...

What are the different components of Splunk? (1.1 Splunk components) correct answer: Indexer, Search Head, Forwarder Function of an Indexer (1.1 Splunk components) correct answer: process incoming data + process search requests from search head Function of a Search Head (1.1 Splunk components) correct answer: use SPL to search + receive results of search Function of a Forwarder (1.1 Splunk components) correct answer: supplies data for indexing Which component does the pro...

Field values are case sensitive. correct answer: false How is the asterisk used in Splunk search? correct answer: as a wildcard How many results are shown by default when using a Top or Rare Command? correct answer: 10 These are booleans in the Splunk Search Language. correct answer: NOT; AND; OR Which is not a comparison operator in Splunk? correct answer: ?= Which command removes results with duplicate field values? correct answer: dedup Warm buckets in Splunk indexes a...

Machine data makes up for more than ___% of the data accumulated by organizations. correct answer: 90 Machine data is always structured. correct answer: False Machine data is only generated by web servers. correct answer: False Which of these is not a main component of Splunk? Select your answer. Search and investigate Add knowledge Collect and index data Compress and archive correct answer: Compress and archive What are the three main processing components of Splunk? co...

Workflow Actions can only be applied to a single field. Select your answer. FALSE TRUE correct answer: FALSE This Workflow Action type sends field values to external resources. Select your answer. POST Search GET correct answer: POST When using a field value variable with a Workflow Action, which punctuation mark will escape the data? Select your answer. * ! # ^ correct answer: ! Required fields in a data model: Select your answer. constrains the ...

Machine data is only generated by web servers. correct answer: False Machine data is always structured. correct answer: False Machine data makes up for more than ___% of the data accumulated by organizations. correct answer: 90 In most Splunk deployments, ________ serve as the primary way data is supplied for indexing. correct answer: Forwarders What are the three main processing components of Splunk? correct answer: Forwarders, Indexers, Search Heads Which of these is not a ...

What is the only writeable bucket type? correct answer: The hot bucket By what filter are indexes divided into buckets? correct answer: By time What are the 4 types of searches in Splunk (by performance) correct answer: Dense, Sparse, Super Sparse, Rare In searches, what is the scanCount? correct answer: The number of events scanned for that particular search What are the requirement of the underlying search in order to get multi-series table? correct answer: The underlying sear...