Pre-Winter Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtreat

SPLK-1005 Splunk Cloud Certified Admin Questions and Answers

Questions 4

When a forwarder phones home to a Deployment Server it compares the check-sum value of the forwarder's app to the Deployment Server's app. What happens to the app If the check-sum values do not match?

Options:

A.

The app on the forwarder is always deleted and re-downloaded from the Deployment Server.

B.

The app on the forwarder is only deleted and re-downloaded from the Deployment Server if the forwarder's app has a smaller check-sum value.

C.

The app is downloaded from the Deployment Server and the changes are merged.

D.

A warning is generated on the Deployment Server stating the apps are out of sync. An Admin will need to confirm which version of the app should be used.

Buy Now
Questions 5

Which of the following files is used for both search-time and index-time configuration?

Options:

A.

inputs.conf

B.

props.conf

C.

macros.conf

D.

savesearch.conf

Buy Now
Questions 6

Files from multiple systems are being stored on a centralized log server. The files are organized into directories based on the original server they came from. Which of the following is a recommended approach for correctly setting the host values based on their origin?

Options:

A.

Use the host segment, setting.

B.

Set host = * in the monitor stanza.

C.

The host value cannot be dynamically set.

D.

Manually create a separate monitor stanza for each host, with the nose = value set.

Buy Now
Questions 7

Consider the following configurations:

What is the value of the sourcetypeproperty for this stanza based on Splunk's configuration file precedence?

Options:

A.

NULL, or unset, due to configuration conflict

B.

access_corabined

C.

linux aacurs

D.

linux_secure, access_combined

Buy Now
Questions 8

When monitoring directories that contain mixed file types, which setting should be omitted from inputs, conf and instead be overridden in propo.conf?

Options:

A.

sourcetype

B.

host

C.

source

D.

index

Buy Now
Questions 9

Which of the following stanzas would enable a TCP input on port 1025, allowing traffic from all IP addresses except 10.5.5.1?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Buy Now
Questions 10

Windows Input types are collected in Splunk via a script which is configurable using the GUI. What is this type of input called?

Options:

A.

Batch

B.

Scripted

C.

Modular

D.

Front-end

Buy Now
Questions 11

What is the recommended approach to collect data from network devices?

Options:

A.

TCP/UDP Feed > Heavy Forwarder > Intermediate Forwarder > Splunk Cloud

B.

TCP/UDP Feed > Syslog Server with Universal Forwarder > Splunk Cloud

C.

TCP/UDP Feed > Universal Forwarder > Intermediate Forwarder > Splunk Cloud

D.

TCP/UDP Feed > Intermediate Forwarder > Heavy Forwarder > Splunk Cloud

Buy Now
Questions 12

Which of the following is the default bandwidth limit in the Splunk Universal Forwarder credentials package?

Options:

A.

0KBps

B.

256 KBps

C.

512 KBps

D.

1024 KBps

Buy Now
Questions 13

A customer wants to mask unstructured data before sending it to Splunk Cloud. Where should SEBCMD be configured for this?

Options:

A.

props. conf on a Splunk Cloud search head,

B.

props.conf on a Heavy Forwarder.

C.

transforms, cent on a Splunk Cloud indexer.

D.

props. conf- on a Universal Forwarder.

Buy Now
Questions 14

Which of the following is a valid stanza in props. conf?

Options:

A.

[sourcetype::linux_secure]

B.

[host=nyc25]

C.

[host::nyc*]

D.

[host:nyc*]

Buy Now
Questions 15

What can be used in a Splunk Cloud environment to create new sourcetypes?

Options:

A.

Data Preview

B.

props. conf can be edited directly from the GUI

C.

Splunk's CLI

D.

Deployment Server

Buy Now
Questions 16

What Splunk command will allow an administrator to view the runtime configuration instructions for a monitored file in Inputs. cont on the forwarders?

Options:

A.

./splunk _internal call /services/data/input.3/filemonitor

B.

./splunk show config inputs.conf

C.

./splunk _internal rest /services/data/inputs/monitor

D.

./splunk show config inputs

Buy Now
Questions 17

When adding a directory monitor and specifying a sourcetype explicitly, it applies to all files in the directory and subdirectories. If automatic sourcetyping is used, a user can selectively override it in which file on the forwarder?

Options:

A.

transforms.conf

B.

props.conf

C.

inputs.conf

D.

outputs.cont

Buy Now
Questions 18

Which of the following tasks is not managed by the Splunk Cloud administrator?

Options:

A.

Forwarding events to Splunk Cloud.

B.

Upgrading the indexer's Splunk software.

C.

Managing knowledge objects.

D.

Creating users and roles.

Buy Now
Exam Code: SPLK-1005
Exam Name: Splunk Cloud Certified Admin
Last Update: Oct 14, 2024
Questions: 60
SPLK-1005 pdf

SPLK-1005 PDF

$28  $80
SPLK-1005 Engine

SPLK-1005 Testing Engine

$33.25  $95
SPLK-1005 PDF + Engine

SPLK-1005 PDF + Testing Engine

$45.5  $130