Exam SPLK-1001 topic 1 question 195 discussion

Actual exam question from Splunk's SPLK-1001
Question #: 195
Topic #: 1

Which search will return the 15 least common field values for the dest_ip field?

  • A. sourcetype=firewall | rare num=15 dest_ip
  • B. sourcetype=firewall | rare last=15 dest_ip
  • C. sourcetype=firewall | rare count=15 dest_ip
  • D. sourcetype=firewall | rare limit=15 dest_ip
Suggested Answer: D

Comments

falssa
10 months, 1 week ago
Selected Answer: D
Definitely D
upvoted 1 times
...
sborisv
10 months, 2 weeks ago
D; Error in 'rare' command: Invalid argument: 'count=15'
upvoted 1 times
...
igweifeanyi
10 months, 3 weeks ago
D is the sure answer
upvoted 2 times
...
Selected Answer: D
The correct answer is D
upvoted 3 times
...
Requete
1 year ago
Selected Answer: D
D is correct
upvoted 2 times
...
CarloSplunk
1 year, 7 months ago
D is correct. count is not part of the top-options https://docs.splunk.com/Documentation/Splunk/8.2.2/SearchReference/Rare
upvoted 3 times
...
labarcaremo635
2 years, 6 months ago
D is correct. Page 119 of the PDF
upvoted 2 times
...
Mohd317
2 years, 6 months ago
The correct answer is D
upvoted 1 times
...
stallone
2 years, 10 months ago
D is correct answer.
upvoted 2 times
...
parelo
2 years, 11 months ago
D is the right answer. Count does not exist for rare https://docs.splunk.com/Documentation/Splunk/8.0.4/SearchReference/Rare#:~:text=The%20rare%20command%20is%20a,the%20limit%20argument%20is%2010.
upvoted 3 times
...