Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Splunk®
  5. SPLK-1003

Free SPLK-1003 Exam Braindumps (page: 18)

Page 17 of 35
PDF with 209 Questions

Which is a valid stanza for a network input?

  1. [udp://172.16.10.1:9997]
    connection = dns
    sourcetype = dns
  2. [any://172.16.10.1:10001]
    connection_host = ip
    sourcetype = web
  3. [tcp://172.16.10.1:9997]
    connection_host = web
    sourcetype = web
  4. [tcp://172.16.10.1:10001]
    connection_host = dns
    sourcetype = dns

Answer(s): C


Reference:

https://docs.splunk.com/Documentation/SplunkCloud/8.0.2006/Data/Bypassautomaticsourcetypeassignment



Which additional component is required for a search head cluster?

  1. Deployer
  2. Cluster Master
  3. Monitoring Console
  4. Management Console

Answer(s): A


Reference:

https://docs.splunk.com/Documentation/Splunk/8.0.5/DistSearch/SHCdeploymentoverview



When are knowledge bundles distributed to search peers?

  1. After a user logs in.
  2. When Splunk is restarted.
  3. When adding a new search peer.
  4. When a distributed search is initiated.

Answer(s): D


Reference:

https://docs.splunk.com/Documentation/Splunk/8.0.5/DistSearch/Whatsearchheadssend



Assume a file is being monitored and the data was incorrectly indexed to an exclusive index. The index is cleaned and now the data must be reindexed. What other index must be cleaned to reset the input checkpoint information for that file?

  1. _audit
  2. _checkpoint
  3. _introspection
  4. _thefishbucket

Answer(s): A


Reference:

http://docshare02.docshare.tips/files/4773/47733589.pdf






Post your Comments and Discuss Splunk® SPLK-1003 exam with other Community members:

Exam Discussions & Posts