nerdexam
CrowdStrike

CCFH-202B · Question #5

CCFH-202B Question #5: Real Exam Question with Answer & Explanation

The correct answer is C. strftime. The strftime eval function is used to convert Unix times (Epoch) into UTC readable time. It takes two arguments: a Unix time field and a format string that specifies how to display the time. The now, typeof, and relative_time eval functions are not used to convert Unix times into

Question

SPL (Splunk) eval statements can be used to convert Unix times (Epoch) into UTC readable time. Which eval function is correct?

Options

  • Anow
  • Btypeof
  • Cstrftime
  • Drelative time

Explanation

The strftime eval function is used to convert Unix times (Epoch) into UTC readable time. It takes two arguments: a Unix time field and a format string that specifies how to display the time. The now, typeof, and relative_time eval functions are not used to convert Unix times into UTC

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CCFH-202B Practice