Splunk Fundamentals 1 Quiz Questions and Answers

What does the user interface component allow for time selection?

Answer :
  • Time range picker

Which of the following fields is stored with the events in the index?

Answer :
  • source

What does the stats command do?

Answer :
  • Calculates statistics on data that matches the search criteria.

How can another user gain access to a saved report?

Answer :
  • The owner of the report can edit permissions from the Edit dropdown.

Which search string is the most efficient?

Answer :
  • index=security “failed password”

Which is the most efficient filter you can apply to a search?

Answer :
  • Time

Once an alert is created, you can no longer edit its defining search.

Answer :
  • False

Charts can be based on numbers, time, or location.

Answer :
  • True

The time stamp you see in the events is based on the time zone in your user account.

Answer :
  • True

Time to search can only be set by the time range picker.

Answer :
  • False