Splunk Core Power User

54 cards | Total Attempts: 190 | Created by dg082 | Last updated: Aug 13, 2020 | Total Attempts: 190

Pin it

Share on reddit

- +

Chart Command

+

Related Flashcards

Navy Core Values

Core Test Paul Mitchell

A+ Core (Hardware): Practice Test

Cards In This Set

Front	Back
Chart Command	Can display any series of data you want to chart
Timechart Command	Performs statistical aggregations over time
Timecharts are best represented by	Line or area charts
Eval command	perform calculations convert values round values format values use conditional statements
Eval command	Allows you to calculate and manipulate field values in a report
Search	easy if youre familiar with basic search syntax treats field values in a case insensitive manner allows searching on keyword
Where	can compare values from two different fields functions are available, such as isnotnull() field values are case-sensitive uses boolean expressions to filter search results and only keeps the results that are true
Fillnull command	Used to replace null values in fields
Transaction	Any group of related events that span time
Transaction command	Creates a single event from a group of events
Common constraints	maxspan maxpause startswith endswith
Field-list	Can be one field name or a list of field names
Events are grouped into transactions based	On the values of the fields in a field list
Single transaction	If multiple fields are specified and a relationship exists between those fields, events with related field values will be grouped into this.
Duration	The difference between the timestamps for the first and last event in the transaction