최신 SPLK-1002 무료덤프 - Splunk Core Certified Power User

문제1

In the following eval statement, what is the value of description if the status is 503? index=main | eval description=case(status==200, "OK", status==404, "Not found", status==500, "Internal Server Error")

A. The description field would contain the value "Internal Server Error".

B. The description field would contain the value 0.

C. The description field would contain no value.

D. This statement would produce an error in Splunk because it is incomplete.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제2

When using multiple expressions in a single eval command, which delimiter is used?

A. , (comma)

B. / (forward slash)

C. I (pipe)

D. : (colon)

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제3

Which one of the following statements about the search command is true?

A. It can only be used at the beginning of the search pipeline.

B. It does not allow the use of wildcards.

C. It behaves exactly like search strings before the first pipe.

D. It treats field values in a case-sensitive manner.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제4

When would a user select delimited field extractions using the Field Extractor (FX)?

A. With structured files such as JSON or XML.

B. When a log file contains empty lines or comments.

C. When a log file has values that are separated by the same character, for example, commas.

D. When the file has a header that might provide information about its structure or format.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Which of the following searches would return a report of sales by product-name?

A. chart sales by product_name

B. chart sum(price) as sales by product_name

C. timechart list(sales), values(product_name)

D. stats sum(price) as sales over product_name

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Which of the following searches show a valid use of macro? (Select all that apply)

A. index=main source=mySource oldField=* | stats if('makeMyField(oldField)') | table _time newField

B. index=main source=mySource oldField=* | "'newField('makeMyField(oldField)')'" | table _time newField

C. index=main source=mySource oldField=* | eval newField='makeMyField(oldField)'| table _time newField

D. index=main source=mySource oldField=* |'makeMyField(oldField)'| table _time newField

정답: C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

To which of the following can a field alias be applied?

A. Either a calculated field or an extracted field.

B. Only one single field in a dataset.

C. Data found in a lookup table.

D. A given host, source, or sourcetype.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제8

A user wants to create a workflow action that will retrieve a specific field value from an event and run a search in a new browser window in the user's Splunk instance. What kind of workflow action should they create?

A. A POST workflow action, because the search is being sent to the user's current Splunk instance.

B. A Run workflow action, because the user is running a new search with a specific field value from an event returned in the user's search.

C. A Search workflow action, because the user is running a new search with a specific field value from an event returned in the user's search.

D. A GET workflow action, because a field value needs to be retrieved from the events returned in the user's search.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Which of the following can be saved as an event type?

A. index=server_494 sourcetype=BETA_718 code=839 stats where code > 203

B. index=server sourcetype=BETA_718 code=UB9 | stats count by code

C. index=server_494 sourcetype=BETA_718 code=889

D. index=server_494 sourcetype=BETA_718 code=839 | inputlookup append=t servercode.csv

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Consider the following search:
Index=web sourcetype=access_combined
The log shows several events that share the same JSESSIONID value (SD404K289O2F151). View the events as a group. From the following list, which search groups events by JSESSIONID?

A. index=web sourcetype=access_combined I highlight JSESSIONID I search SD404K289O2F151

B. index=web sourcetype=access_combined JSESSIONID <SD404K289O2F151>

C. index-web sourcetype=access_combined I transaction JSESSIONID I search SD404K289O2F151

D. index=web sourcetype=access_combined SD404K289O2F151 I table JSESSIONID

정답: B

문제11

Calculated fields can be based on which of the following?

A. Output fields for a lookup

B. Extracted fields

C. Tags

D. Fields generated from a search string

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제12

Consider the following search:
index=web sourcetype=access_corabined
The log shows several events that share the same jsesszonid value (SD462K101O2F267). View the events as a group.
From the following list, which search groups events by jSSESSIONID?

A. index=web sourcetype=access_combined I transaction JSESSZONID I search SD462K101C2F267

B. index=web sourcetype=access_combined SD462K101O2F267 | table JSESSIONID

C. index=web sourcetype=access_combined JSESSTONID <SD462K101O2F267>

D. index=web sourcetype=access_combined | highlight JSESSIONID | search SD462K101O2F267

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제13

which of the following are valid options with the chart command

A. usenull

B. fillfield

C. usefiled

D. useother

정답: A,D

문제14

Which of the following is a feature of the Pivot tool?

A. Data Models are not required.

B. Creates lookups without using SPL.

C. Datasets are not required.

D. Creates reports without using SPL

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제15

Which of the following searches would create a graph similar to the one below?

A. index_internal seourcetype=Savesplunker | fields sourcetype, status | transaction status maxspan-id | start count states

B. None of these searches would generate a similart graph.

C. index_internal seourcetype=Savesplunker | fields sourcetype, status | transaction status maxspan-id | chart count states by -time

D. index_internal seourcetype=Savesplunker | fields sourcetype, status | transaction status maxspan-id | timechart count by status

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제16

Why are tags useful in Splunk?

A. Tags visualize data with graphs and charts.

B. Tags add fields to the raw event data.

C. Tags group related data together.

D. Tags look for less specific data.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

최신 SPLK-1002 무료덤프 - Splunk Core Certified Power User

우리와 연락하기

유용한 링크

최신 업데이트