Splunk SPLK-1001 Splunk Core Certified User Exam Practice Test

Page: 1 / 14
Total 244 questions
Question 1

When refining search results, what is the difference in the time picker between real-time and relative time ranges?



Answer : B

The difference between real-time and relative time ranges in the time picker is that real-time searches display results from a rolling time window, such as the last 15 minutes, while relative searches display results from a set length of time, such as yesterday or last week. Real-time searches do not happen instantly, but rather update periodically based on the refresh interval. Relative searches do not happen at a scheduled time, but rather when the user runs them. Real-time searches do not run constantly in the background, but rather when the user starts them. Real-time searches do not represent events that have happened in a set time window, but rather events that are happening now.


Question 2

What will always appear in the Selected Fields list?



Answer : D


Question 3

In the Search and Reporting app, which tab displays timecharts and bar charts?



Answer : D

Explanation/Reference: https://docs.splunk.com/Documentation/Splunk/8.0.2/Search/Aboutreportingcommands


Question 4

Which of the following reports is available in the Fields window?



Answer : C


Question 5

Which search will return only events containing the word "error" and display the results as a table that includes the fields named action, src, and dest?



Answer : C

Explanation/Reference: https://docs.splunk.com/Documentation/Splunk/8.0.3/SearchReference/search


Question 6

The following are time selection options when running a search:

(Choose all that apply.)



Answer : B


Question 7

Selected fields are a set of configurable fields displayed for each event.



Answer : A

