Question 1

How can another user gain access to a saved report?

Options :

A : The owner of the report can edit permissions from the Edit dropdown

B : Only users with an Admin or Power User role can access other users' reports

C : Anyone can access any reports marked as public within a shared Splunk deployment

D : The owner of the report must clone the original report and save it to their user account

Answer: A

Question 2

Every Search in Splunk is also called _____________.

Options :

A : None of the above

B : Job

C : Search Only

Answer: B

Question 3

What are the three main Splunk components?

Options :

A : Search head, GPU, streamer

B : Search head, indexer, forwarder

C : Search head, SQL database, forwarder

D : Search head, SSD, heavy weight agent

Answer: B

Question 4

Which of the following searches would return only events that match the following criteria? • Events are inside the main index • The field status exists in the event • The value in the status field does not equal 200

Options :

A : index==main status!==200

B : index=main NOT status=200

C : index==main NOT status==200

D : index-main status!=200

Answer: C

Question 5

You are able to create new Index in Data Input settings.

Options :

A : No

B : Yes

Answer: B

Smartly Prepare Exam with Free Online SPLK-1001 Practice Test

Buying Options: