SPLK-1002 Exam - Free Splunk Questions and Answers

Question #6 (Topic: Single Topic)

Which group of users would most likely use pivots?

A. Users B. Architects C. Administrators D. Knowledge Managers

Answer: A

Question #7 (Topic: Single Topic)

When multiple event types with different color values are assigned to the same event, what determines the color displayed for the event?

A. Rank B. Weight C. Priority D. Precedence

Answer: C

Question #8 (Topic: Single Topic)

Based on the macro definition shown below, what is the correct way to execute the macro in a search string?

A. "convert_sales(euro,ג‚¬,.79)" B. 'convert_sales(euro,ג‚¬,.79)' C. "convert_sales($euro$,$ג‚¬$,$.79$)" D. 'convert_sales($euro$,$ג‚¬$,$.79$)'

Answer: B

Question #9 (Topic: Single Topic)

There are several ways to access the field extractor.
Which option automatically identifies the data type, source type, and sample event?

A. Event Actions > Extract Fields B. Fields sidebar > Extract New Fields C. Settings > Field Extractions > New Field Extraction D. Settings > Field Extractions > Open Field Extractor

Answer: A

Question #10 (Topic: Single Topic)

Which of the following statements would help a user choose between the transaction and stats commands?

A. stats can only group events using IP addresses. B. The transaction command is faster and more efficient. C. There is a 1000 event limitation with the transaction command. D. Use stats when the events need to be viewed as a single correlated event.

Answer: C

Splunk SPLK-1002 - Splunk Core Certified Power User Exam