exam questions

Exam SPLK-1002 All Questions

View all questions & answers for the SPLK-1002 exam

Exam SPLK-1002 topic 1 question 100 discussion

Actual exam question from Splunk's SPLK-1002
Question #: 100
Topic #: 1
[All SPLK-1002 Questions]

What is the correct syntax to find events associated with a tag?

  • A. tag:<field>=<value>
  • B. tags=<value>
  • C. tags:<field>=<value>
  • D. tag=<value>
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
kgcykyzoxjxhvfazje
Highly Voted 2 years ago
The answers here have a typo. The actual answer is A, bit with an extra colon. In the test it said tag::<field>=value, which is the correct answer.
upvoted 5 times
tag::<field>=<value> I mean, that was one of the answersing possibilities in the test.
upvoted 1 times
kirtak
1 year, 8 months ago
Search for tagged field values You have two ways to search for tags. To search for a tag associated with a value in any field, use the following syntax: tag=<tagname> To search for a tag associated with a value in a specific field, use the following syntax: tag::<field>=<tagname>
upvoted 1 times
...
...
...
FrozenYeti
Most Recent 1 week, 3 days ago
Selected Answer: A
A should be correct. You need to use the tag command with the "::" and field-value pair. Thus, it should be tag::<field>=<value>. Try tagging data in your search results and adding that tag to your search.
upvoted 1 times
...
NastyNutsu
2 weeks, 5 days ago
Selected Answer: D
A. wrong, this should be tag::<field>=<value> B. wrong, this should be tag=<value> C.wrong, this should be tags::<field>=<value> D. yes
upvoted 1 times
...
ISDL29
1 year, 4 months ago
I think it's D because you search for all events with that tag, regardless of the fields that are associated with that.
upvoted 1 times
...
Dree_Dogg
1 year, 4 months ago
Selected Answer: D
Answer is D. kirtak's explaination is spot on.
upvoted 1 times
...
Dree_Dogg
1 year, 4 months ago
Selected Answer: D
Correct answer is D
upvoted 1 times
...
shergar
2 years, 2 months ago
Selected Answer: D
See link posted by ergril
upvoted 4 times
...
ergril
2 years, 2 months ago
Selected Answer: D
https://docs.splunk.com/Documentation/Splunk/9.0.1/Knowledge/Abouttagsandaliases To search for all routers in San Francisco that are not in Building1, use the following search. tag=router tag=SF NOT (tag=Building1)
upvoted 4 times
...
Brycedream
2 years, 2 months ago
Selected Answer: B
B. tags=<value> seems to be OK
upvoted 2 times
Brycedream
2 years, 2 months ago
No D without "s" on tag D. tag=<value>
upvoted 6 times
...
...
TestingAccount900
2 years, 3 months ago
Technically none of them are correct, there is only a single :, should be ::
upvoted 2 times
...
xprience
2 years, 3 months ago
A is right
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago