Splunk Core Certified Power User — Question 197

Which of the following searches would return a report of sales by product_name?

Answer options

• A. chart sales by product_name
• B. chart sum(price) as sales by product_name
• C. stats sum(price) as sales over product_name
• D. timechart list(sales), values(product_name)

Correct answer: B

Explanation

The correct answer, B, uses the 'chart' command to aggregate the sum of prices and label it as sales, while grouping the results by product_name. Option A does not perform any aggregation, C uses 'stats' incorrectly for this context, and D is not suitable as it focuses on time-based charting rather than sales by product.