Quiz questions and answers from Fundamentals 2 and
other useful points following the blueprint with complete
solution
True or False: The search job inspector shows you how long a given search took
to run.
True
When searching, field values are case:
Insensitive
Warm buckets in Splunk indexes are named by:
Select your answer.
A: a naming convention the administrator determines
B: the server that sent the events
C: the timestamps of first and last event in the bucket
C
Bucket names in Splunk indexes are used to:
Select your answer.
A: indicate where the bucket should be stored when it transfers from hot to cold
B: determine who has access to the events
C: determine if the bucket should be searched based on the time range of the
search
C
Which of the following is NOT a stats function:
Select your answer.
A: avg
B: sum
C: addtotals
D: count
C
The timechart command buckets data in time intervals depending on:
Select your answer.
A: the type of visualization selected
B: the selected time range
C: the number of events returned
B
Which of these search strings is NOT valid:
Select your answer.
A: index=web status=50* | chart count by host, status
B: index=web status=50* | chart count over host, status
C: index=web status=50* | chart count over host by status
B
In this search, __________ will appear on the y-axis. SEARCH:
sourcetype=access_combined status!=200 | chart count over host
Select your answer.
A: status
B: count
C: host
B
Which type of visualization allows you to show a third dimension of data?
Select your answer.
A: pie chart
B: scatter chart
C: area chart
D: bubble chart
D
Which option is NOT available with the chart and timechart commands?
Select your answer.
A: useother
B: usefill
C: limit
B
The trendline command requires the following three arguments:
Select your answer.
A: trend type, time period, and field
B: wma, sma, and ema
A
Which of the following are valid options with the chart command?
Select all that apply.
A: usenull
B: usefield
C: fillfield
D: useother
A and D
Which command is used to create choropleth maps?
Select your answer.
A: geom
B: cluster
C: geostats