Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Splunk Discussions
exam questions

Exam SPLK-5001 All Questions

View all questions & answers for the SPLK-5001 exam
Go to Exam

Exam SPLK-5001 topic 1 question 59 discussion

Actual exam question from Splunk's SPLK-5001
Question #: 59
Topic #: 1
[All SPLK-5001 Questions]

While testing the dynamic removal of credit card numbers, an analyst lands on using the rex command. What mode needs to be set to in order to replace the defined values with X?
| makeresults
| eval ccnumber="511388720478619733"
| rex field=ccnumber mode=??? "s/(\d{4}-){3)/XXXX-XXXX-XXXX-/g"
Please assume that the above rex command is correctly written.

  • A. sed
  • B. replace
  • C. mask
  • D. substitute
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by nosavotor at Sept. 26, 2024, 9:13 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
christophe_ciwr
1 week, 1 day ago
A https://docs.splunk.com/Documentation/SCS/current/SearchReference/RexCommandExamples
upvoted 1 times
...
CeeCapi
2 weeks, 5 days ago
A. sed is correct. In Splunk, setting mode=sed with the rex command allows the use of sed-style substitution to replace matched patterns with specified values, such as replacing parts of a credit card number with "X". The sed mode is specifically designed for search-time string replacements and masking sensitive data. So, the correct syntax would be: | makeresults | eval ccnumber="511388720478619733" | rex field=ccnumber mode=sed "s/(\d{4}-){3}/XXXX-XXXX-XXXX-/g"
upvoted 2 times
...
Nss_dfir
1 month, 2 weeks ago
Selected Answer: C
To replace defined values with "X" using the rex command in Splunk, you should set the mode to C. mask. Using the mask mode will ensure that the credit card number is masked as intended.
upvoted 1 times
...
nosavotor
1 month, 3 weeks ago
Someone please verify the accuracy of this answer
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel