← Back to exam page

SPLK-1001 Splunk Core Certified User

Loading demo links...

Showing 1–3 of 15 questions

Question 1

Select the best options for "search best practices" in Splunk:

(Choose five.)

Select all that apply, then click Submit answer.

  • Select the time range always.

  • Try to specify index values.

  • Include as many search terms as possible.

  • Never select time range.

  • Try to use * with every search term.

  • Inclusion is generally better than exclusion.

  • Try to keep specific search terms.
Question 2

Data summary button just below the search bar gives you the following (Choose three.):

Select all that apply, then click Submit answer.

  • Hosts

  • Sourcetypes

  • Sources

  • Indexes
Question 3

You can also specify a time range in the search bar. You can use the following for beginning and ending for a time range (Choose two.):

Select all that apply, then click Submit answer.

  • Not possible to specify time manually in Search query

  • end=

  • start=

  • earliest=

  • latest=