- All Exams Instant Download
Which setting in inputs.conf can be used to specify the interval at which the script runs for a scripted input?
Which setting in inputs.conf can be used to specify the interval at which the script runs for a scripted input?A . interval B. frequency C. schedule D. cronView AnswerAnswer: A
Which configuration file determines how a universal forwarder forwards data to the indexer?
Which configuration file determines how a universal forwarder forwards data to the indexer?A . inputs.conf B. outputs.conf C. props.conf D. transforms.confView AnswerAnswer: B
What is the name of the component that acts as a data manager and sends data to Splunk Cloud Platform indexers?
What is the name of the component that acts as a data manager and sends data to Splunk Cloud Platform indexers?A . Heavy forwarder B. Universal forwarder C. Deployment server D. License masterView AnswerAnswer: A
What is the main advantage of self-service Splunk Cloud over managed Splunk Cloud in terms of cost and control?
What is the main advantage of self-service Splunk Cloud over managed Splunk Cloud in terms of cost and control?A . Self-service Splunk Cloud costs more to get started and maintain but allows your organization total control in setup and security configurations. B. Self-service Splunk Cloud costs less to get started...
Which feature of forwarders can prevent data loss in case of network failure or congestion?
Which feature of forwarders can prevent data loss in case of network failure or congestion?A . Data compression B. SSL security C. Configurable buffering D. Persistent queuesView AnswerAnswer: D
Which configuration file needs to be edited to configure the universal forwarder to act as a deployment client?
Which configuration file needs to be edited to configure the universal forwarder to act as a deployment client?A . deploymentclient.conf B. server.conf C. outputs.conf D. inputs.confView AnswerAnswer: A
Which configuration file parameter can be used to modify line termination settings interactively, using the Set Source Type page in Splunk Web?
Which configuration file parameter can be used to modify line termination settings interactively, using the Set Source Type page in Splunk Web?A . LINE_BREAKER B. SHOULD_LINEMERGE C. BREAK_ONLY_BEFORE D. TRUNCATEView AnswerAnswer: B
What is the name of the default field that stores the timestamps in UNIX time when data is indexed?
What is the name of the default field that stores the timestamps in UNIX time when data is indexed?A . _time B. _timestamp C. _date D. _epochView AnswerAnswer: A
What is the name of the process that breaks the stream of raw data into individual lines called events?
What is the name of the process that breaks the stream of raw data into individual lines called events?A . Line breaking B. Event annotation C. Event transformation D. Timestamp extractionView AnswerAnswer: A
Which configuration file needs to be edited to enable local indexing on the forwarder?
Which configuration file needs to be edited to enable local indexing on the forwarder?A . outputs.conf B. inputs.conf C. props.conf D. transforms.confView AnswerAnswer: A
