Exam SPLK-1002 Topic 2 Question 66 Discussion
Actual exam question for Splunk's SPLK-1002 exam
Question #: 66
Topic #: 2
Question #: 66
Topic #: 2
Which search would limit an "alert" tag to the "host" field?
Suggested Answer: D Vote an answer
The search below would limit an "alert" tag to the "host" field.
tag::host=alert
The search does the following:
It uses tag syntax to filter events by tags. Tags are custom labels that can be applied to fields or field
values to provide additional context or meaning for your data.
It specifies tag::host=alert as the tag filter. This means that it will only return events that have an "alert"
tag applied to their host field or host field value.
It uses an equal sign (=) to indicate an exact match between the tag and the field or field value.
tag::host=alert
The search does the following:
It uses tag syntax to filter events by tags. Tags are custom labels that can be applied to fields or field
values to provide additional context or meaning for your data.
It specifies tag::host=alert as the tag filter. This means that it will only return events that have an "alert"
tag applied to their host field or host field value.
It uses an equal sign (=) to indicate an exact match between the tag and the field or field value.
by Ethel at Feb 27, 2026, 12:08 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).