1. Which parent directory contains the configuration files in Splunk?
2.
Which forwarder type can parse data prior to forwarding?
3. Which Splunk component consolidates the individual results and prepares reports in a distributed environment?
4. Where should apps be located on the deployment server that the clients pull from?
5. This file has been manually created on a universal forwarder:

    /opt/splunkforwarder/etc/apps/my_TA/local/inputs.conf

    [monitor:///var/log/messages]
    sourcetype=syslog
    index=syslog

A new Splunk admin comes in and connects the universal forwarders to a deployment server and deploys the same app with a new inputs.conf file:

    /opt/splunk/etc/deployment-apps/my_TA/local/inputs.conf

    [monitor:///var/log/maillog]
    sourcetype=maillog
    index=syslog

Which file is now monitored?
6. When configuring monitor inputs with whitelists or blacklists, what is the supported method of filtering the lists?
7. What is required when adding a native user to Splunk? (Select all that apply.)
8. What are the minimum required settings when creating a network input in Splunk?
9. Which Splunk component requires a Forwarder license?
10. Which optional configuration setting in inputs.conf allows you to selectively forward the data to specific indexer(s)?