exam questions

Exam SPLK-1004 All Questions

View all questions & answers for the SPLK-1004 exam

Exam SPLK-1004 topic 1 question 38 discussion

Actual exam question from Splunk's SPLK-1004
Question #: 38
Topic #: 1
[All SPLK-1004 Questions]

What capability does a power user need to create a Log Event alert action?

  • A. edit_search_server
  • B. edit_udp
  • C. edit_tcp
  • D. edit_alerts
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
cagdaskarabag
1 month ago
Selected Answer: C
To create a "Log Event" alert action in Splunk, a user without the admin role requires the edit_tcp capability. This is necessary to ensure that the log event action functions properly, as highlighted in the Splunk Community discussion and documentation
upvoted 1 times
...
ykamalharsha
1 month, 1 week ago
Selected Answer: D
To create a Log Event alert action in Splunk, a power user needs the edit_alerts capability. This capability allows users to create, edit, and manage alert actions, including Log Event alerts
upvoted 1 times
...
Eddie_exam
8 months, 1 week ago
Selected Answer: C
Correct answer is C. See Fundamentals 3 slide 108.
upvoted 2 times
...
Derag
8 months, 1 week ago
It is C. If not admin, a power user should have edit_tcp to create a log event alert.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago