1. Home
  2. Splunk
  3. Splunk Core Certified User
  4. SPLK-1001
  5. Splunk Core Certified User Questions and Answers

Pass the Splunk Splunk Core Certified User SPLK-1001 Questions and answers with CertsForce

 Splunk Exams      Go to Exam Detail      Get Premium Access
Viewing page 6 out of 8 pages
Viewing questions 51-60 out of questions
Questions # 51:

Which of the following is true about user account settings and preferences?

Options:
A.

Search & Reporting is the only app that can be set as the default application.

B.

Full names can only be changed by accounts with a Power User or Admin role.

C.

Time zones are automatically updated based on the setting of the computer accessing Splunk.

D.

Full name, time zone, and default app can be defined by clicking the login name in the Splunk bar.

Expert Solution
Questions # 52:

Forward Option gather and forward data to indexers over a receiving port from remote machines.

Options:
A.

False

B.

True

Expert Solution
Questions # 53:

Which of the following represents the Splunk recommended naming convention for dashboards?

Options:
A.

Description_Group_Object

B.

Group_Description_Object

C.

Group_Object_Description

D.

Object_Group_Description

Expert Solution
Questions # 54:

Which Boolean operator is implied between search terms, unless otherwise specified?

Options:
A.

OR

B.

AND

C.

NOT

D.

NAND

Expert Solution
Questions # 55:

When saving a search directly to a dashboard panel instead of saving as a report first, which of the following is

created?

Options:
A.

Cloned panel

B.

Inline panel

C.

Report panel

D.

Prebuilt panel

Expert Solution
Questions # 56:

Which search string only returns events from hostWWW3?

Options:
A.

B. host=WWW3

B.

C. host=WWW*

C.

D. Host=WWW3

Expert Solution
Questions # 57:

Which search will return only events containing the word “error” and display the results as a table that includes

the fields named action, src, and dest?

Options:
A.

error | table action, src, dest

B.

error | tabular action, src, dest

C.

error | stats table action, src, dest

D.

error | table column=action column=src column=dest

Expert Solution
Questions # 58:

What is the default lifetime of every Splunk search job?

Options:
A.

All search jobs are saved for 10 days

B.

All search jobs are saved for 10 hours

C.

All search jobs are saved for 10 weeks

D.

All search jobs are saved for 10 minutes

Expert Solution
Questions # 59:

Which of the following searches would return events with failure in index netfw or warn or critical in index netops?

Options:
A.

(index=netfw failure) AND index=netops warn OR critical

B.

(index=netfw failure) OR (index=netops (warn OR critical))

C.

(index=netfw failure) AND (index=netops (warn OR critical))

D.

(index=netfw failure) OR index=netops OR (warn OR critical)

Expert Solution
Questions # 60:

When an alert action is configured to run a script, Splunk must be able to locate the script. Which is one of the directories Splunk will look in to find the script?

Options:
A.

$SPLUNK_HOME/bin/scripts

B.

$SPLUNK_HOME/etc/scripts

C.

$SPLUNK_HOME/bin/etc/scripts

D.

$SPLUNK_HOME/etc/scripts/bin

Expert Solution
Viewing page 6 out of 8 pages
Viewing questions 51-60 out of questions