Which configuration files are used to transform raw data ingested by Splunk? (Choose all that apply.)

SPLK-1003 V1 0 Comments

Which configuration files are used to transform raw data ingested by Splunk? (Choose all that apply.)
A . props.conf
B . inputs.conf
C . rawdata.conf
D . transforms.conf

Answer: AD

Explanation:

https://docs.splunk.com/Documentation/Splunk/8.1.1/Knowledge/Configureadvancedextractionswithfieldtransforms

use transformations with props.conf and transforms.conf to:

C Mask or delete raw data as it is being indexed COverride sourcetype or host based upon event values

C Route events to specific indexes based on event content

C Prevent unwanted events from being indexed

Explanation:

Reference: https://docs.splunk.com/Documentation/Splunk/8.0.5/Data/Configuretimestamprecognition

Latest SPLK-1003 Dumps Valid Version with 119 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SPLK-1003 PDF     SPLK-1003 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments