Splunk

SPLK-3001 · Question #48

SPLK-3001 Question #48: Real Exam Question with Answer & Explanation

The correct answer is C. Events in the threat_activity index.. https://docs.splunk.com/Documentation/ES/6.4.1/Admin/Createthreatmatchspecs

Question

What do threat gen searches produce?

Options

AThreat correlation searches.
BThreat intel in KV Store collections.
CEvents in the threat_activity index.
DThreat notables in the notable index.

Explanation

https://docs.splunk.com/Documentation/ES/6.4.1/Admin/Createthreatmatchspecs

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion

Full SPLK-3001 Practice