Splunk Core Certified User Practice Exam

Disable ads (and more) with a membership for a one time $4.99 payment

Prepare for the Splunk Core Certified User Exam. Utilize multiple choice questions with hints and explanations to enhance your understanding. Ace your exam with confidence!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

What needs to be added to get the count of unique domains visited?

  1. `| stats count(domain)`

  2. `| stats dc(domain)`

  3. `| count by domain`

  4. `| stats values(domain)`

The correct answer is: `| stats dc(domain)`

To obtain the count of unique domains visited, using `| stats dc(domain)` is the most appropriate choice. The function `dc()` stands for "distinct count," and it specifically counts the number of unique values in the specified field—in this case, the "domain." Therefore, this command efficiently provides the desired outcome of counting how many different domains have been visited. Other options, while they do perform operations on the domain field, do not focus specifically on counting unique entries. For instance, `| stats count(domain)` gives the total count of events related to domains, but not how many unique domains are present. Likewise, `| count by domain` would summarize the counts of all events for each individual domain rather than providing a single count of unique domains. Lastly, `| stats values(domain)` lists all unique domains visited, but it does not provide a count, which is the specific requirement in this case.

More Questions Like This