Which of the following is the most efficient filter for running searches in Splunk?

• A.Selected Fields
• B.Sourcetype
• C.Fast mode
• D.Time

Comment: *

Name: *

Email: *

Verification: *

Which command is used to review the contents of a specified static lookup file?
lookup

• A.outputlookup
• B.inputlookup
• C.csvlookup

Comment: *

Name: *

Email: *

Verification: *

Which search string matches only events with the status_code of 4:4?

• A.status code>403 status_code<405
• B.status_code !=404
• C.status_code<=404
• D.status_code>=400

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a correct way to limit search results to display the 5 most common values of a field?

• A.| rare limit=5
• B.| rare top=5
• C.| top limit=5
• D.| top rare=5

Comment: *

Name: *

Email: *

Verification: *

Which search will return the 15 least common field values for the dest_ip field?

• A.sourcetype=firewall | rare count=15 dest_ip
• B.sourcetype=firewall | rare limit=15 dest_ip
• C.sourcetype=firewall | rare last=15 dest_ip
• D.sourcetype=firewall | rare num=15 dest_ip

Comment: *

Name: *

Email: *

Verification: *