a:[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"SPLK-5001 Exam - Question 22\",\"text\":\"A Risk Notable Event has been triggered in Splunk Enterprise Security, an analyst investigates the alert, and determines it is a false positive. What metric would be used to define the time between alert creation and close of the event?\",\"answerCount\":1,\"datePublished\":\"2024-09-27T00:13:00.000Z\",\"author\":{\"@type\":\"Organization\",\"name\":\"Splunk\"},\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"\",\"datePublished\":\"2024-09-27T00:13:00.000Z\",\"upvoteCount\":1,\"author\":{\"@type\":\"Organization\",\"name\":\"Examice\"},\"url\":\"https://examice.com/forum/splunk/PzDeLe0fnj\"},\"suggestedAnswer\":[{\"@type\":\"Answer\",\"text\":\"Friends could you please confirm this answer\",\"datePublished\":\"2024-09-27T00:13:00.000Z\",\"upvoteCount\":1,\"url\":\"https://examice.com/forum/splunk/PzDeLe0fnj/#LvjyyHCayr\",\"author\":{\"@type\":\"Person\",\"name\":\"nosavotor\"}}]}}"}}],["$","div",null,{"className":"min-h-[calc(100vh_-_156px)] sm:min-h-[calc(100vh_-_166px)] flex w-full flex-col items-center bg-muted/60 sm:px-6","children":["$","div",null,{"className":"w-full max-w-[1110px] space-y-8 py-8 lg:space-y-10 lg:py-10","children":[["$","section","PzDeLe0fnj",{"className":"mx-auto space-y-8 rounded bg-white px-6 py-10 shadow-sm md:py-12","children":[["$","div",null,{"className":"group relative mx-auto max-w-[740px] overflow-hidden rounded-xl border-l-8 border-brand-active bg-gradient-to-br from-brand via-brand/95 to-brand/90 p-6 shadow-lg transition-all hover:shadow-xl","children":[["$","div",null,{"className":"absolute -right-12 -top-12 size-40 rounded-full bg-white/10 blur-3xl transition-all duration-700 group-hover:scale-125 group-hover:opacity-80"}],["$","div",null,{"className":"absolute -bottom-8 -left-8 size-24 rounded-full bg-white/5 blur-2xl transition-all duration-700 group-hover:scale-110"}],["$","div",null,{"className":"absolute left-1/2 top-1/2 size-60 -translate-x-1/2 -translate-y-1/2 rounded-full bg-white/5 opacity-0 blur-3xl transition-all duration-700 group-hover:opacity-60"}],["$","div",null,{"className":"relative flex flex-col items-center justify-between gap-6 md:flex-row","children":[["$","div",null,{"className":"flex items-center gap-x-5","children":[["$","div",null,{"className":"hidden rounded-full bg-white/15 p-3.5 shadow-inner backdrop-blur-sm transition-all duration-300 group-hover:scale-110 group-hover:bg-white/20 md:flex","children":["$","svg",null,{"width":"15","height":"15","viewBox":"0 0 15 15","fill":"none","xmlns":"http://www.w3.org/2000/svg","className":"size-6 text-white transition-transform group-hover:rotate-3","children":["$","path",null,{"d":"M3 2.5C3 2.22386 3.22386 2 3.5 2H9.08579C9.21839 2 9.34557 2.05268 9.43934 2.14645L11.8536 4.56066C11.9473 4.65443 12 4.78161 12 4.91421V12.5C12 12.7761 11.7761 13 11.5 13H3.5C3.22386 13 3 12.7761 3 12.5V2.5ZM3.5 1C2.67157 1 2 1.67157 2 2.5V12.5C2 13.3284 2.67157 14 3.5 14H11.5C12.3284 14 13 13.3284 13 12.5V4.91421C13 4.51639 12.842 4.13486 12.5607 3.85355L10.1464 1.43934C9.86514 1.15804 9.48361 1 9.08579 1H3.5ZM4.5 4C4.22386 4 4 4.22386 4 4.5C4 4.77614 4.22386 5 4.5 5H7.5C7.77614 5 8 4.77614 8 4.5C8 4.22386 7.77614 4 7.5 4H4.5ZM4.5 7C4.22386 7 4 7.22386 4 7.5C4 7.77614 4.22386 8 4.5 8H10.5C10.7761 8 11 7.77614 11 7.5C11 7.22386 10.7761 7 10.5 7H4.5ZM4.5 10C4.22386 10 4 10.2239 4 10.5C4 10.7761 4.22386 11 4.5 11H10.5C10.7761 11 11 10.7761 11 10.5C11 10.2239 10.7761 10 10.5 10H4.5Z","fill":"currentColor","fillRule":"evenodd","clipRule":"evenodd"}]}]}],["$","div",null,{"className":"flex flex-col","children":[["$","span",null,{"className":"text-center font-heading text-xl font-medium tracking-tight text-white md:text-left","children":["SPLK-5001"," Exam Questions"]}],["$","span",null,{"className":"mt-1.5 text-center text-sm text-white/90 md:text-left","children":"Browse all questions from this exam"}]]}]]}],["$","div",null,{"className":"flex items-center","children":["$","$L10",null,{"href":"/exams/splunk/splk-5001","className":"inline-flex items-center font-medium justify-center whitespace-nowrap text-sm focus-visible:outline-none focus-visible:ring-1 focus-visible:ring-ring disabled:pointer-events-none disabled:opacity-50 text-white active:bg-brand-active h-9 bg-brand-active hover:bg-white hover:text-brand-active transition-all duration-300 px-8 py-3 rounded-full shadow-md hover:shadow-lg","children":[["$","span",null,{"className":"font-medium","children":"Go to Exam"}],["$","svg",null,{"width":"15","height":"15","viewBox":"0 0 15 15","fill":"none","xmlns":"http://www.w3.org/2000/svg","className":"ml-2 size-4 transition-transform duration-300","children":["$","path",null,{"d":"M6.1584 3.13508C6.35985 2.94621 6.67627 2.95642 6.86514 3.15788L10.6151 7.15788C10.7954 7.3502 10.7954 7.64949 10.6151 7.84182L6.86514 11.8418C6.67627 12.0433 6.35985 12.0535 6.1584 11.8646C5.95694 11.6757 5.94673 11.3593 6.1356 11.1579L9.565 7.49985L6.1356 3.84182C5.94673 3.64036 5.95694 3.32394 6.1584 3.13508Z","fill":"currentColor","fillRule":"evenodd","clipRule":"evenodd"}]}]]}]}]]}]]}],["$","div",null,{"className":"mx-auto max-w-[740px] space-y-8","children":[["$","h1",null,{"className":"font-heading text-2xl font-bold text-stone-800","children":"SPLK-5001 Exam - Question 22"}],["$","hr",null,{"className":"border-stone-200"}],["$","article",null,{"className":"prose prose-sm prose-stone max-w-full md:prose-base","dangerouslySetInnerHTML":{"__html":"

A Risk Notable Event has been triggered in Splunk Enterprise Security, an analyst investigates the alert, and determines it is a false positive. What metric would be used to define the time between alert creation and close of the event?

"}}]]}],[["$","fieldset",null,{"className":"prose prose-sm prose-stone mx-auto max-w-[740px] space-y-4 rounded bg-muted/60 p-4 md:prose-base","children":[["$","label","nf0vyj9TWa",{"className":"flex items-start gap-1.5 md:gap-2 p-4 rounded transition-all duration-300 cursor-pointer bg-white focus:bg-muted/50 focus:outline-none focus:ring-2 focus:ring-brand/40 has-[:checked]:bg-blue-100","htmlFor":"option-0","children":[["$","div",null,{"className":"flex items-center","children":[["$","input",null,{"type":"checkbox","id":"option-0","name":"option-0","className":"rounded-full size-3 md:size-3.5 transition-colors duration-300 appearance-none border border-gray-300 checked:bg-brand checked:border-brand focus:outline-none focus:ring-2 focus:ring-brand/40"}],["$","span",null,{"className":"ml-1.5 font-semibold md:ml-2.5","children":["A","."]}]]}],["$","div",null,{"className":"prose prose-sm prose-stone md:prose-base","dangerouslySetInnerHTML":{"__html":"

MTTR (Mean Time to Respond)

"}}]]}],["$","label","iuaTTbqu8b",{"className":"flex items-start gap-1.5 md:gap-2 p-4 rounded transition-all duration-300 cursor-pointer bg-white focus:bg-muted/50 focus:outline-none focus:ring-2 focus:ring-brand/40 has-[:checked]:bg-blue-100","htmlFor":"option-1","children":[["$","div",null,{"className":"flex items-center","children":[["$","input",null,{"type":"checkbox","id":"option-1","name":"option-1","className":"rounded-full size-3 md:size-3.5 transition-colors duration-300 appearance-none border border-gray-300 checked:bg-brand checked:border-brand focus:outline-none focus:ring-2 focus:ring-brand/40"}],["$","span",null,{"className":"ml-1.5 font-semibold md:ml-2.5","children":["B","."]}]]}],["$","div",null,{"className":"prose prose-sm prose-stone md:prose-base","dangerouslySetInnerHTML":{"__html":"

MTBF (Mean Time Between Failures)

"}}]]}],["$","label","qfCa1XXvOC",{"className":"flex items-start gap-1.5 md:gap-2 p-4 rounded transition-all duration-300 cursor-pointer bg-white focus:bg-muted/50 focus:outline-none focus:ring-2 focus:ring-brand/40 has-[:checked]:bg-blue-100","htmlFor":"option-2","children":[["$","div",null,{"className":"flex items-center","children":[["$","input",null,{"type":"checkbox","id":"option-2","name":"option-2","className":"rounded-full size-3 md:size-3.5 transition-colors duration-300 appearance-none border border-gray-300 checked:bg-brand checked:border-brand focus:outline-none focus:ring-2 focus:ring-brand/40"}],["$","span",null,{"className":"ml-1.5 font-semibold md:ml-2.5","children":["C","."]}]]}],["$","div",null,{"className":"prose prose-sm prose-stone md:prose-base","dangerouslySetInnerHTML":{"__html":"

MTTA (Mean Time to Acknowledge)

"}}]]}],["$","label","Pb8rLbCWPb",{"className":"flex items-start gap-1.5 md:gap-2 p-4 rounded transition-all duration-300 cursor-pointer bg-white focus:bg-muted/50 focus:outline-none focus:ring-2 focus:ring-brand/40 has-[:checked]:bg-blue-100","htmlFor":"option-3","children":[["$","div",null,{"className":"flex items-center","children":[["$","input",null,{"type":"checkbox","id":"option-3","name":"option-3","className":"rounded-full size-3 md:size-3.5 transition-colors duration-300 appearance-none border border-gray-300 checked:bg-brand checked:border-brand focus:outline-none focus:ring-2 focus:ring-brand/40"}],["$","span",null,{"className":"ml-1.5 font-semibold md:ml-2.5","children":["D","."]}]]}],["$","div",null,{"className":"prose prose-sm prose-stone md:prose-base","dangerouslySetInnerHTML":{"__html":"

MTTD (Mean Time to Detect)

"}}]]}]]}],["$","div",null,{"className":"mx-auto max-w-[740px]","children":["$","details",null,{"className":"group","children":[["$","summary",null,{"className":"flex h-10 w-fit cursor-pointer items-center justify-center gap-2 rounded-full bg-brand px-8 font-heading text-sm font-medium text-white hover:bg-brand/90","children":[["$","span",null,{"className":"group-open:hidden","children":"Show Answer"}],["$","span",null,{"className":"hidden group-open:inline","children":"Hide Answer"}]]}],["$","div",null,{"className":"prose prose-sm prose-stone mx-auto mt-4 max-w-[740px] overflow-hidden pb-6 pt-2 md:prose-base","children":[["$","span",null,{"className":"font-medium","children":"Correct Answer: "}],["$","p",null,{"children":""}]]}]]}]}]]]}],"$L28"]}]}]]

SPLK-5001 Exam - Question 22

Discussion