When should transaction be used?
When should transaction be used?
The transaction command in Splunk is used when event grouping is based on start/end values. This is especially useful in scenarios where you need to see events correlated together over a duration or session that spans multiple events. For example, tracking a user session on a website from the start (login) to the end (logout) would require grouping these events based on their start and end values.
When event grouping is based on start/end values.
C is correct answer .
Answer is C
Only C NOT B
C is the answer Page 135. Use transaction when you - Need to see events correlated together - Must define event grouping based on start/end values or segment on time
C is the correct
answer is C
Definately C
C is correct answer. ONLY use transaction when you - Need to see events correlated together OR - Must define event grouping based on start/end values or segment on time
| Search is more appropriate for B.
B would be for stats. Answer is obviously C.
C is correct answer
The transaction command is most useful in two specific cases: When a unique ID (from one or more fields) alone is not sufficient to discriminate between two transactions. This is the case when the identifier is reused, for example web sessions identified by cookie or client IP2. When event grouping is based on start/end values
Correct answer is C. Transactions are events that span time hence the Start/ End values
C Is the correct answer
Only use "transaction" when you- Need to see events correlated together, - Must define event grouping based on start/end values or segment on time.
wow. will this exam be updated for correct answers? it's C!