SPLK-1002 · Question #225
SPLK-1002 Question #225: Real Exam Question with Answer & Explanation
The correct answer is B: Tag= Pri*. A tag is a descriptive label that you can apply to one or more fields or field values in your events. You can use tags to simplify your searches by replacing long or complex field names or values with short and simple tags. To search for events that contain a tag name, you can us
Question
Which of the following searches will return events contains a tag name Privileged?
Options
- ATag= Priv
- BTag= Pri*
- CTag= Priv*
- DTag= Privileged
Explanation
A tag is a descriptive label that you can apply to one or more fields or field values in your events. You can use tags to simplify your searches by replacing long or complex field names or values with short and simple tags. To search for events that contain a tag name, you can use the tag keyword followed by an equal sign and the tag name. You can also use wildcards (*) to match partial tag names. Therefore, option B is correct because it will return events that contain a tag name that starts with Pri. Options A and D are incorrect because they will only return events that contain an exact tag name match. Option C is incorrect because it will return events that contain a tag name that starts with Priv, not Privileged.
Topics
Community Discussion
No community discussion yet for this question.