Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Splunk Fundamentals > Lookups > Flashcards

Lookups Flashcards

1
Q

What is the function of a lookup?

A

Allows you to add values to your events not included in the indexed data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Are lookup fields case sensitive?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How do you start a new lookup i.e. which menus

A

Settings, Lookups, Add New

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the purpose of ‘Automatic Lookup’

A

It means you don’t have to ‘define’ a lookup in your search, you can use predefined search

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Give an example of a manual lookup

A

Sourcetype=access_combined NOT status=200 | lookup http_status as status, OUTPUT code as “HTTP Code”, description as “HTTP Descritpion”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Given an example of an automatic lookup for the same as the last quesetion

A

Sourcetype=access_combined NOT status=200 | table host, “Code’, “Description”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Splunk Fundamentals (7 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions