← Back to exam page

SPLK-1002 Splunk Core Certified Power User Exam

Loading demo links...

Showing 4–6 of 10 questions

Question 4

Which of the following statements describe the search below? (Choose all that apply.)

index=main | transaction clientip host maxspan=30s maxpause=5s

Select all that apply, then click Submit answer.

  • Events in the transaction occurred within 5 seconds.

  • It groups events that share the same clientip and host.

  • The first and last events are no more than 5 seconds apart.

  • The first and last events are no more than 30 seconds apart
Question 5

Information needed to create a GET workflow action includes which of the following? (Choose all that apply.)

Select all that apply, then click Submit answer.

  • A name for the workflow action.

  • A URI where the user will be directed at search time.

  • A label that will appear in the Event Action menu at search time.

  • A name for the URI where the user will be directed at search time.
Question 6

Which of the following searches will return events containing a tag named Privileged?

Select an option, then click Submit answer.

  • tag=Priv

  • tag=Priv*

  • tag=priv*

  • tag=privileged