Put query into separate lines where | (Pipes) are used by selecting following options.

• A.Shift + Enter
• B.Space + Enter
• C.ALT + Enter
• D.CTRL + Enter

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a metadata field assigned to every event in Splunk?

• A.host
• B.bytes
• C.owner
• D.action

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the best way to create a report that shows the last 24 hours of events?

• A.Use earliest=-1d@d latest=@d
• B.Use the time range picket to select "Yesterday"
• C.Set a real-time search over a 24-hour window
• D.Use the time range picker to select "Last 24 hours"

Comment: *

Name: *

Email: *

Verification: *

In the Fields sidebar, what does the number directly to the right of the field name indicate?

• A.The value of the field
• B.The number of values for the field
• C.The number of unique values for the field
• D.The numeric non-unique values of the field

Comment: *

Name: *

Email: *

Verification: *

Which Field/Value pair will return only events found in the index named security?

• A.Index=security
• B.index!=Security
• C.Index=Security
• D.index=Security

Comment: *

Name: *

Email: *

Verification: *