Question 1

What kind of logs can Splunk Index?

Options :

A : Only A, B

B : Router and Switch Logs

C : Firewall and Web Server Logs

D : Only C

E : Database logs

F : All firewall, web server, database, router and switch logs

Answer: A

Question 2

Which search string returns a filed containing the number of matching events and names that field Event Count?

Options :

A : index=security failure | stats sum as “Event Count”

B : index=security failure | stats count as “Event Count”

C : index=security failure | stats count by “Event Count”

D : index=security failure | stats dc(count) as “Event Count”

Answer: B

Question 3

Which Boolean operator is implied between search terms, unless otherwise specified?

Options :

A : OR

B : AND

C : NOT

D : NAND

Answer: B

Question 4

What will always appear in the Selected Fields list?

Options :

A : index

B : action

C : clientip

D : sourcetype

Answer: D

Question 5

In the Search and Reporting app, which tab displays timecharts and bar charts?

Options :

A : Events

B : Patterns

C : Statistics

D : Visualization

Answer: D