Free SPLK-2002 Exam Braindumps

Splunk Enterprise platform instrumentation refers to data that the Splunk Enterprise deployment logs in the _introspection index. Which of the following logs are included in this index? (Select all that apply.)

  A. audit.log
  B. metrics.log
  C. disk_objects.log
  D. resource_usage.log

Answer(s): C,D


Reference:

https://docs.splunk.com/Documentation/Splunk/7.3.1/Troubleshooting/Abouttheplatforminstrumentationframework



Which of the following can a Splunk diag contain?

  A. Search history, Splunk users and their roles, running processes, indexed data
  B. Server specs, current open connections, internal Splunk log files, index listings
  C. KV store listings, internal Splunk log files, search peer bundles listings, indexed data
  D. Splunk platform configuration details, Splunk users and their roles, current open connections, index listings

Answer(s): B


Reference:

https://splunkonbigdata.com/2018/10/01/splunk-diag/



Which of the following are true statements about Splunk indexer clustering?

  A. All peer nodes must run exactly the same Splunk version.
  B. The master node must run the same or a later Splunk version than search heads.
  C. The peer nodes must run the same or a later Splunk version than the master node.
  D. The search head must run the same or a later Splunk version than the peer nodes.

Answer(s): B


Reference:

https://answers.splunk.com/answers/760348/search-head-version-compatibility.html



A customer plans to ingest 600 GB of data per day into Splunk. They will have six concurrent users, and they also want high data availability and high search performance. The customer is concerned about cost and wants to spend the minimum amount on the hardware for Splunk. How many indexers are recommended for this deployment?

  A. Two indexers not in a cluster, assuming users run many long searches.
  B. Three indexers not in a cluster, assuming a long data retention period.
  C. Two indexers clustered, assuming high availability is the greatest priority.
  D. Two indexers clustered, assuming a high volume of saved/scheduled searches.

Answer(s): D


Reference:

https://docs.splunk.com/Documentation/Splunk/7.3.2/Capacity/Summaryofperformancerecommendations





