SPLK-1002 • Practice Test 8
Free SPLK-1002 practice test — 10 questions with explanations. Set 8. No signup required.
Refer to the exhibit. The search returns only events where src_zone is 'external'. What is the problem?
index=network sourcetype=cisco:asa | eval src_zone=case(src_ip="10.0.0.0/8","internal", 1=1,"external") | search src_zone=internal | stats count by src_zone