Splunk Observability Cloud Certified Associate — Question 6

Which field in the risk index is used to describe the activity within a finding?

Answer options

• A. risk_message
• B. risk_description
• C. risk_object
• D. risk_reason

Correct answer: D

Explanation

The correct answer is D, as the 'risk_reason' field specifically outlines the activity related to the finding. The other options, while related to risk, do not directly describe the activity; 'risk_message' conveys a message, 'risk_description' provides a summary, and 'risk_object' identifies the object at risk.