Free Splunk® SPLK-1003 Exam Braindumps (page: 4)

What is required when adding a native user to Splunk? (select all that apply)

  1. Password
  2. Username
  3. Full Name
  4. Default app

Answer(s): A,B

Explanation:

According to the Splunk system admin course PDF, when adding native users, Username and Password are required.



What are the minimum required settings when creating a network input in Splunk?

  1. Protocol, port number
  2. Protocol, port, location
  3. Protocol, username, port
  4. Protocol, IP, port number

Answer(s): A

Explanation:

https://docs.splunk.com/Documentation/Splunk/8.0.5/Admin/Inputsconf

[tcp://<remote server>:<port>]
* Configures the input to listen on a specific TCP network port.
* If a <remote server> makes a connection to this instance, the input uses this stanza to configure itself.
* If you do not specify <remote server>, this stanza matches all connections on the specified port.
* Generates events with source set to "tcp:<port>", for example: tcp:514
* If you do not specify a sourcetype, generates events with sourcetype set to "tcp-raw"



Which Splunk component requires a Forwarder license?

  1. Search head
  2. Heavy forwarder
  3. Heaviest forwarder
  4. Universal forwarder

Answer(s): B



Which optional configuration setting in inputs.conf allows you to selectively forward the data to specific indexer(s)?

  1. _TCP_ROUTING
  2. _INDEXER_LIST
  3. _INDEXER_GROUP
  4. _INDEXER_ROUTING

Answer(s): A

Explanation:

https://docs.splunk.com/Documentation/Splunk/7.0.3/Forwarding/Routeandfilterdatad#Perform_selective_indexing_and_forwarding

Specifies a comma-separated list of tcpout group names. Use this setting to selectively forward your data to specific indexers by specifying the tcpout groups that the forwarder should use when forwarding the data. Define the tcpout group names in the outputs.conf file in [tcpout:<tcpout_group_name>] stanzas. Defaults to the groups present in defaultGroup in the [tcpout] stanza in the outputs.conf file.



To set up a Network input in Splunk, what needs to be specified?

  1. File path.
  2. Username and password
  3. Network protocol and port number.
  4. Network protocol and MAC address.

Answer(s): C

Explanation:

https://docs.splunk.com/Documentation/Splunk/8.0.3/Data/Monitornetworkports



Which Splunk forwarder type allows parsing of data before forwarding to an indexer?

  1. Universal forwarder
  2. Parsing forwarder
  3. Heavy forwarder
  4. Advanced forwarder

Answer(s): C



Which of the following statements describe deployment management? (select all that apply)

  1. Requires an Enterprise license
  2. Is responsible for sending apps to forwarders.
  3. Once used, is the only way to manage forwarders
  4. Can automatically restart the host OS running the forwarder.

Answer(s): A,B

Explanation:

https://docs.splunk.com/Documentation/Splunk/8.2.2/Admin/Distdeploylicenses#:~:text=License%20requirements,do%20not%20index%20external%20data.

"All Splunk Enterprise instances functioning as management components needs access to an Enterprise license. Management components include the deployment server, the indexer cluster manager node, the search head cluster deployer, and the monitoring console."

https://docs.splunk.com/Documentation/Splunk/8.2.2/Updating/Aboutdeploymentserver

"The deployment server is the tool for distributing configurations, apps, and content updates to groups of Splunk Enterprise instances."



During search time, which directory of configuration files has the highest precedence?

  1. $SPLUNK_HOME/etc/system/local
  2. $SPLUNK_HOME/etc/system/default
  3. $SPLUNK_HOME/etc/apps/app1/local
  4. $SPLUNK_HOME/etc/users/admin/local

Answer(s): D

Explanation:

Adding further clarity and quoting the same Splunk reference URL from @giubal:

"To keep configuration settings consistent across peer nodes, configuration files are managed from the cluster master, which pushes the files to the slave-app directories on the peer nodes. Files in the slave-app directories have the highest precedence in a cluster peer's configuration. Here is the expanded precedence order for cluster peers:

  1. Slave-app local directories -- highest priority
  2. System local directory
  3. App local directories
  4. Slave-app default directories
  5. App default directories
  6. System default directory -- lowest priority"


