100% Free Splunk SPLK-1002 Exam Sample Questions | Verified By Experts

Splunk Core Certified Power User Exam Questions & Answers Demo

Question: 1
Calculated fields can be based on which of the following?
A. Tags
B. Extracted fields
C. Output fields for a lookup
D. Fields generated from a search string
Answer: B

Question: 2
Which of the following statements describes this search?

sourcetype=access_combined | transaction JSESSIONID | timechart avg(duration)

A. This is a valid search and will display a timechart of the average duration of each transaction event.
B. This is a valid search and will display a stats table showing the maximum pause among transactions.
C. No results will be returned because the transaction command must include the startswith and endswith options.
D. No results will be returned because the transaction command must be the last command used in the search pipeline.
Answer: A

Question: 3
Which of the following searches will return events that contain a tag named Privileged?
A. Tag= Priv
B. Tag= Priv*
C. Tag= Priv*
D. Ta...