Free SPLK-1002 Exam Braindumps

- (Exam Topic 1)
What does the following search do?

1. A. Creates a table of the total count of users and split by corndogs.
2. B. Creates a table of the total count of mysterymeat corndogs split by user.
3. C. Creates a table with the count of all types of corndogs eaten split by user.
4. D. Creates a table that groups the total number of users by vegetarian corndogs.

Correct Answer: A

- (Exam Topic 1)
Which of the following statements about tags is true?

1. A. Tags are case insensitive.
2. B. Tags are created at index time.
3. C. Tags can make your data more understandable.
4. D. Tags are searched by using the syntax tag: :

Correct Answer: C

- (Exam Topic 1)
Which of the following statements describe the search below? (select all that apply) Index=main I transaction clientip host maxspan=30s maxpause=5s

1. A. Events in the transaction occurred within 5 seconds.
2. B. It groups events that share the same clientip and host.
3. C. The first and last events are no more than 5 seconds apart.
4. D. The first and last events are no more than 30 seconds apart.

Correct Answer: B

- (Exam Topic 1)
Which are valid ways to create an event type? (select all that apply)

1. A. By using the searchtypes command in the search bar.
2. B. By editing the event_type stanza in the props.conf file.
3. C. By going to the Settings menu and clicking Event Types > New.
4. D. By selecting an event in search results and clicking Event Actions > Build Event Type.

Correct Answer: CD

- (Exam Topic 1)
What are the two parts of a root event dataset?

1. A. Fields and variables.
2. B. Fields and attributes.
3. C. Constraints and fields.
4. D. Constraints and lookups.

Correct Answer: C