Step 1 Flashcards

1
Q

What are the 3 main roles out of the box with Splunk?

A

Admin, User, Power

2
Q

Can a power user create additional roles?

A

No

3
Q

What app is used for the exam?

A

Search and Reporting

4
Q

What does the hostname represent when importing data?

A

The Name of the server the data is coming from

5
Q

Data: What does the Upload option do?

A

Uploads local files that get indexed once

6
Q

Data: What does the Monitor option do?

A

Monitors Files, Directories, HTTP Events, or Data Gathering Scripts on Splunk instances

7
Q

Data: What does the Forward option do?

A

Data is gathered on a remote machine and forwarded to an index over a receiving port

8
Q

What are the 3 data summary tabs?

A

Host, Sources and Source Types

9
Q

Search results are displayed in reverse chronological order. True or False?

A

TRUE

10
Q

Every search is also a job. True or False?

A

True

11
Q

How long does a job last after it's created?

A

10 Minutes

12
Q

What's the maximum a job can be extended to?

A

7 days

13
Q

Which menu gives you access to your job history?

A

Activity

14
Q

What are fields?

A

Searchable key/value pairs in your event data, e.g. host=www1, status=404

15
Q

What is implied automatically between search fields?

A

AND

16
Q

Define selected fields and their defaults

A

Fields that occur in every event; the defaults are host, source and sourcetype

17
Q

Can a selected field be any field?

A

YES

18
Q

___ is generally better than ___ when searching

A

Inclusion is generally better than exclusion when searching

19
Q

Does the @ symbol round up or down?

A

Rounds down to the nearest unit given by the delimiter, e.g. h, m, s

20
Q

What's the purpose of an index for administrators?

A

To segregate data, limiting access by Splunk role

21
Q

It's possible to specify multiple indexes in one search. True or False?

A

True, using OR, e.g. (index=security OR index=weblogs)

22
Q

What does the '|' (pipe) do?

A

Takes these events and…

23
Q

What are the 5 basic search components?

A

Search Terms, Commands, Functions, Arguments and Clauses

24
Q

The table function returns only the fields in the argument list. True or False?

A

True

25
Q

What command removes duplicates from your results?

A

dedup