Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Splunk Core Power User > Creating Knowledge Objects > Flashcards

Creating Knowledge Objects Flashcards

1
Q

Which function is used to send field values externally in Workflow Actions?

  • GET
  • POST
  • Search
  • PUT
A

POST

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Surround the macro name with the _____ when executing the macro in search.

  • Backtick character
  • Single quote character
  • Double quote character
  • Dollar sign
A

Backtick character

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Select all knowledge objects.

  • lookups
  • users
  • workflow actions
  • field aliases
A

lookups
workflow actions
field aliases

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

When adding arguments to a macro, include the number of arguments in_____

  • Parentheses after the macro name
  • Using the pipe function
  • Parentheses before the macro name
  • Dollar signs with the search definition
A

Parentheses after the macro name

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

True or False: Splunk knowledge objects can only be used privately.

TRUE
FALSE

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following are ways you can create an event type. Select all that apply.

  • Settings > Event types > “New Event Type”
  • Run a search, then save as Event Type
  • From event details, select Event Actions > Build Event Type
A

Settings > Event types > “New Event Type”
Run a search, then save as Event Type
From event details, select Event Actions > Build Event Type

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which workflow actions require you to specify if the behavior should open in a new window or current window? Select all that apply.

  • POST
  • Search
  • PUT
  • GET
A

POST
Search
GET

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

If you have a tag label called “homeoffice” associated with the field/value pair system_ip=<your>, when you run a search using the tag=homeoffice constraint, what events will be returned?</your>

  • events from _internal
  • field lookup table
  • events with the value of the system_ip field equal to your ip address
A

events with the value of the system_ip field equal to your ip address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

To perform a secondary search, use a _______ workflow action

  • POST
  • GET
  • Search
  • PUT
A

Search

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which statement best describes the function of a Workflow Action

  • Retrieves information from an external source x
  • Allows users to interact with web resources x
  • Uses field values to perform a secondary search x
  • Sends field values to an external source x
A

Retrieves information from an external source
Allows users to interact with web resources
Uses field values to perform a secondary search
Sends field values to an external source

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Splunk Core Power User (11 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions