SPLK-1003 Advanced Searching and Statistics • 15 Questions
15 SPLK-1003 Advanced Searching and Statistics practice questions with answers and explanations.
A security analyst needs to find all events where the field 'user' has a value that is either 'admin' or 'root', but the search is returning too many results from a noisy source. Which search best filters the events to only include those where the 'user' field exactly matches 'admin' or 'root'?