- All Exams Instant Download
Which of the following is valid distribute search group?
Which of the following is valid distribute search group? A) B) C) D) A . option AB . Option BC . Option CD . Option DView AnswerAnswer: D
Which of the following is an appropriate description of a deployment server in a non-cluster environment?
Which of the following is an appropriate description of a deployment server in a non-cluster environment?A . Allows management of local Splunk instances, requires Enterprise license, handles job of sending configurations packaged as apps. can automatically restart remote Splunk instances.B . Allows management of remote Splunk instances, requires Enterprise license,...
Which of the following monitor inputs stanza headers would match all of the following files?
Which of the following monitor inputs stanza headers would match all of the following files? /var/log/www1/secure.log /var/log/www/secure.l /var/log/www/logs/secure.logs /var/log/www2/secure.logA . [monitor:///var/log/.../secure.*B . [monitor:///var/log/www1/secure.*]C . [monitor:///var/log/www1/secure.log]D . [monitor:///var/log/www*/secure.*]View AnswerAnswer: C Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.2.1/Data/Monitorfilesanddirectorieswithinputs.conf
Which option accurately describes the purpose of the HTTP Event Collector (HEC)?
Which option accurately describes the purpose of the HTTP Event Collector (HEC)?A . A token-based HTTP input that is secure and scalable and that requires the use of forwardersB . A token-based HTTP input that is secure and scalable and that does not require the use of forwarders.C . An...
Which of the following apply to how distributed search works? (select all that apply)
Which of the following apply to how distributed search works? (select all that apply)A . The search head dispatches searches to the peersB . The search peers pull the data from the forwarders.C . Peers run searches in parallel and return their portion of results.D . The search head consolidates...
Which of the following must be done to define user permissions when integrating Splunk with LDAP?
Which of the following must be done to define user permissions when integrating Splunk with LDAP?A . Map UsersB . Map GroupsC . Map LDAP InheritanceD . Map LDAP to Active DirectoryView AnswerAnswer: B Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.5/Security/ConfigureLDAPwithSplunkWeb
Local user accounts created in Splunk store passwords in which file?
Local user accounts created in Splunk store passwords in which file?A . $ SFLUNK_KOME/etc/passwdB . $ SFLUNK_KCME/etc/authenticationC . $ S?LUNK_HCME/etc/users/passwd.confD . $ SPLUNK HCME/etc/users/authentication.confView AnswerAnswer: A
How is a remote monitor input distributed to forwarders?
How is a remote monitor input distributed to forwarders?A . As an app.B . As a forward.conf file.C . As a monitor.conf file.D . As a forwarder monitor profile.View AnswerAnswer: A Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.5/Data/Usingforwardingagents
Which configuration files are used to transform raw data ingested by Splunk? (Choose all that apply.)
Which configuration files are used to transform raw data ingested by Splunk? (Choose all that apply.)A . props.confB . inputs.confC . rawdata.confD . transforms.confView AnswerAnswer: A Explanation: Reference: https://docs.splunk.com/Documentation/Splunk/8.0.5/Data/Configuretimestamprecognition
If an update is made to an attribute in inputs.conf on a universal forwarder, on which Splunk component would the fish bucket need to be reset in order to reindex the data?
If an update is made to an attribute in inputs.conf on a universal forwarder, on which Splunk component would the fish bucket need to be reset in order to reindex the data?A . IndexerB . ForwarderC . Search headD . Deployment serverView AnswerAnswer: A Explanation: Reference https://community.splunk.com/t5/Archive/How-to-reindex-data-from-a-forwarder/td-p/93310
