SPLK-1002 Data Models and Best Practices • Set 1
SPLK-1002 Data Models and Best Practices Practice Test 1 — 15 questions with explanations. Free, no signup.
A security analyst needs to create a data model for authentication logs that allows both event counts and average duration calculations. The data model should support fast search performance. Which approach best follows Splunk best practices for data model design?