SPLK-1002 Free Practice Test

- (Exam Topic 2)
Which of the following is true about Pivot?

1. A. Users can save reports from Pivot.
2. B. Users cannot share visualizations created with Pivot.
3. C. Users must use SPL to find events in a Pivot.
4. D. Users cannot create visualizations with Pivot.

Correct Answer: A
In Splunk, Pivot is a tool that allows you to report on a specific data set without using the Splunk Search Processing Language (SPL™)1. You can use a drag-and-drop interface to design and generate pivots that present different aspects of your data in the form of tables, charts, and other visualizations12.
One of the features of Pivot is that it allows you to save your reports1. This can be useful when you want to reuse a report or share it with others1. Therefore, it’s not true that users cannot share visualizations created with Pivot or that they must use SPL to find events in a Pivot12. It’s also not true that users cannot create visualizations with Pivot, as creating visualizations is one of the main functions of Pivot12.

- (Exam Topic 2)
Which of the following searches would return a report of sales by product-name?

1. A. chart sales by product_name
2. B. chart sum(price) as sales by product_name
3. C. stats sum(price) as sales over product_name
4. D. timechart list(sales), values(product_name)

Correct Answer: B

https://docs.splunk.com/Documentation/Splunk/8.1.0/SearchReference/Chart https://docs.splunk.com/Documentation/Splunk/8.1.0/SearchReference/Stats

- (Exam Topic 1)
When should you use the transaction command instead of the scats command?

1. A. When you need to group on multiple values.
2. B. When duration is irrelevant in search result
3. C. .
4. D. When you have over 1000 events in a transaction.
5. E. When you need to group based on start and end constraints.

Correct Answer: C

- (Exam Topic 1)
Which of the following are required to create a POST workflow action?

1. A. Label, URI, search string.
2. B. XMI attributes, URI, name.
3. C. Label, URI, post arguments.
4. D. URI, search string, time range picker.

Correct Answer: B

- (Exam Topic 1)
What does the transaction command do?

1. A. Groups a set of transactions based on time.
2. B. Creates a single event from a group of events.
3. C. Separates two events based on one or more values.
4. D. Returns the number of credit card transactions found in the event logs.

Correct Answer: B