In what order are the following knowledge objects/configurations applied?

• A.Field Aliases, Field Extractions, Lookups
• B.Field Extractions, Field Aliases, Lookups
• C.Field Extractions, Lookups, Field Aliases
• D.Lookups, Field Aliases, Field Extractions

Comment: *

Name: *

Email: *

Verification: *

Which function should you use with the transaction command to set the maximum total time between the
earliest and latest events returned?

• A.maxpause
• B.maxspan
• C.maxduration
• D.endswith

Comment: *

Name: *

Email: *

Verification: *

There are several ways to access the field extractor. Which option automatically identifies data type, source type, and sample event?

• A.Event Actions > Extract Fields
• B.Settings > Field Extractions > Open Field Extraction
• C.Fields sidebar > Extract New Field
• D.Settings > Field Extractions > New Field Extraction

Comment: *

Name: *

Email: *

Verification: *

Running a scheduled saved report______.

• A.Returns the results from the last time the report was saved
• B.Returns a fresh results set

Comment: *

Name: *

Email: *

Verification: *

The iplocation and geostats command can be used together.

• A.True
• B.False

Comment: *

Name: *

Email: *

Verification: *