exam questions

Exam SPLK-1001 All Questions

View all questions & answers for the SPLK-1001 exam

Exam SPLK-1001 topic 1 question 80 discussion

Actual exam question from Splunk's SPLK-1001
Question #: 80
Topic #: 1
[All SPLK-1001 Questions]

By default, which of the following is a Selected Field?

  • A. action
  • B. clientip
  • C. categoryId
  • D. sourcetype
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Reference:
https://docs.splunk.com/Documentation/Splunk/7.3.1/SearchTutorial/Usefieldstosearch#Specify_additional_selected_fields

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
labarcaremo635
Highly Voted 1 year, 7 months ago
Answer is D, page 79 in PDF
upvoted 9 times
...
Flavour
Highly Voted 1 year, 7 months ago
Selected Fields contain default Fields host,source and sourcetype. D is correct
upvoted 7 times
...
Iman1367
Most Recent 8 months, 3 weeks ago
D is correct.
upvoted 1 times
...
Robbe
1 year, 7 months ago
The answer should be A. "Action"
upvoted 1 times
emlch
4 weeks ago
action isn't a selected field, selected fields are by default: host, source and sourcetype. Action might be a interesting field depending or you events.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago