Splunk Fundamentals 1 Quiz Questions and Answers

What does the stats command do?

Answer :
  • Calculates statistics on data that matches the search criteria.

Explanation :

Stats is short for 'statistics'; the command calculates statistics on the data that matches the search string.

How can another user gain access to a saved report?

Answer :
  • The owner of the report can edit permissions from the Edit dropdown.

Explanation :

There is an 'edit permission' option available that allows reports to be shared with other users.

Which is the primary function of the timeline located under the search bar?

Answer :
  • To show peaks and/or valleys in the timeline, which can indicate spikes in activity or downtime.

Explanation :

The timeline allows us to see the data in a diagrammatic format for better analysis.

According to Splunk best practices, which placement of the wildcard results in the most efficient search?

Answer :
  • fail*

Explanation :

The * wildcard can be used both before and after the known keyword for best results.

Which statement is true about the top command?

Answer :
  • A) It returns the top 10 results
    B) It displays the output in table format
    C) It returns the count and percent columns per row
    All of the above

Explanation :

By default, the top command shows count and percent columns in its results.

What happens when a field is added to the Selected Fields list in the fields sidebar?

Answer :
  • The selected field and its corresponding values will appear underneath the events in the search results.

Explanation :

Selected fields are shown underneath the events in search results.

Which command automatically returns percent and count columns when executing searches?

Answer :
  • top

Explanation :

By default, the top command shows count and percent columns in its results.