Which component in the splunkd.log will log information related to bad event breaking?
Which component in the splunkd.log will log information related to bad event breaking? A. Audittrail B. EventBreaking C. IndexingPipeline D. AggregatorMiningProcessor Reference: https://answers.splunk.com/answers/141721/error-in-splunkd-log-breaking-event-because-limit-of-256-has-been-exceeded.html
Which Splunk Enterprise offering has its own license?
Which Splunk Enterprise offering has its own license? A. Splunk Cloud Forwarder B. Splunk Heavy Forwarder C. Splunk Universal Forwarder D. Splunk Forwarder Management Reference: https://docs.splunk.com/Splexicon:Forwardinglicense
Which of the following is true regarding Splunk Enterprise performance?
Which of the following is true regarding Splunk Enterprise performance? (Select all that apply.) A. Adding search peers increases the maximum size of search results. B. Adding RAM to an existing search heads provides additional search capacity. C. Adding search peers increases the search throughput as search load increases. D. Adding search heads provides additional […]
In a four site indexer cluster, which configuration stores two searchable copies at the origin site, one searc
In a four site indexer cluster, which configuration stores two searchable copies at the origin site, one searchable copy at site2, and a total of four searchable copies? A. site_search_factor = origin:2, site1:2, total:4 B. site_search_factor = origin:2, site2:1, total:4 C. site_replication_factor = origin:2, site1:2, total:4 D. site_replication_factor = origin:2, site2:1, total:4 Reference: https://docs.splunk.com/Documentation/Splunk/7.3.2/Indexer/Sitereplicationfactor
Which Splunk tool offers a health check for administrators to evaluate the health of their Splunk deployment?
Which Splunk tool offers a health check for administrators to evaluate the health of their Splunk deployment? A. btool B. DiagGen C. SPL Clinic D. Monitoring Console Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/DMC/DMCoverview
What log file would you search to verify if you suspect there is a problem interpreting a regular expression i
What log file would you search to verify if you suspect there is a problem interpreting a regular expression in a monitor stanza? A. btool.log B. metrics.log C. splunkd.log D. tailing_processor.log Reference: https://answers.splunk.com/answers/479312/how-to-edit-inputsconf-to-monitor-multiple-files-w-1.html
Which of the following are client filters available in serverclass.conf?
Which of the following are client filters available in serverclass.conf? (Select all that apply.) A. DNS name. B. IP address. C. Splunk server role. D. Platform (machine type). Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Updating/Filterclients#Define_filters_through_serverclass.conf
Which index-time props.conf attributes impact indexing performance?
Which index-time props.conf attributes impact indexing performance? (Select all that apply.) A. REPORT B. LINE_BREAKER C. ANNOTATE_PUNCT D. SHOULD_LINEMERGE Reference: https://docs.splunk.com/Documentation/Splunk/7.3.2/Data/Configureeventlinebreaking
A multi-site indexer cluster can be configured using which of the following?
A multi-site indexer cluster can be configured using which of the following? (Select all that apply.) A. Via Splunk Web. B. Directly edit SPLUNK_HOME/etc/system/local/server.conf C. Run a splunk edit cluster-config command from the CLI. D. Directly edit SPLUNK_HOME/etc/system/default/server.conf Reference: https://docs.splunk.com/Documentation/Splunk/7.3.2/Indexer/Enableclustersindetail
Which of the following should be included in a deployment plan?
Which of the following should be included in a deployment plan? A. Business continuity and disaster recovery plans. B. Current logging details and data source inventory. C. Current and future topology diagrams of the IT environment. D. A comprehensive list of stakeholders, either direct or indirect. Reference: https://docs.splunk.com/Documentation/CoE/ssf/Handbook/StakeholderReg