1. Home
  2. Splunk
  3. Splunk Core Certified Power User
  4. SPLK-1002
  5. Splunk Core Certified Power User Exam Questions and Answers

Pass the Splunk Splunk Core Certified Power User SPLK-1002 Questions and answers with CertsForce

 Splunk Exams      Go to Exam Detail      Get Premium Access
Viewing page 9 out of 9 pages
Viewing questions 81-90 out of questions
Questions # 81:

These users can create global knowledge objects. (Select all that apply.)

Options:
A.

users

B.

power users

C.

administrators

Expert Solution
Questions # 82:

When using the transaction command, what does the argument maxspan do?

Options:
A.

Sets the maximum total time between events in a transaction.

B.

Sets the maximum length of all events within a transaction.

C.

Sets the maximum total time between the earliest and latest events in a transaction.

D.

Sets the maximum length that any single event can reach to be included in the transaction.

Expert Solution
Questions # 83:

This function of the stats command allows you to return the sample standard deviation of a field.

Options:
A.

stdev

B.

dev

C.

count deviation

D.

by standarddev

Expert Solution
Questions # 84:

What is the purpose of the fillnull command?

Options:
A.

Replace empty values with a specified value.

B.

Create a new field based on the values in an existing field.

C.

Rename a specific field in the search results.

D.

Replace all values in a specific field with a default value.

Expert Solution
Questions # 85:

What is the purpose of a calculated field?

Options:
A.

To automatically add fields to the index using an eval expression rather than manually including an eval command.

B.

To manually add and remove fields at search time related to statistical functions.

C.

To automatically add fields at search time using an eval expression rather than manually including an eval command.

D.

To manually add fields at search time and check for syntax errors.

Expert Solution
Questions # 86:

How do event types help a user search their data?

Options:
A.

Event types can optimize data storage.

B.

Event types improve dashboard performance.

C.

Event types improve search performance.

D.

Event types categorize events based on a search string.

Expert Solution
Questions # 87:

If a calculated field has the same name as an extracted field, what happens to the extracted field?

Options:
A.

The calculated field will override the extracted field.

B.

The calculated and extracted fields will be combined.

C.

The calculated field will duplicate the extracted field.

D.

An error will be returned and the search will fail.

Expert Solution
Questions # 88:

What will you learn from the results of the following search?

sourcetype=cisco_esa | transaction mid, dcid, icid | timechart avg(duration)

Options:
A.

The average time elapsed during each transaction for all transactions

B.

The average time for each event within each transaction

C.

The average time between each transaction

Expert Solution
Viewing page 9 out of 9 pages
Viewing questions 81-90 out of questions