CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Splunk®
  5. SPLK-2002

Free SPLK-2002 Exam Braindumps (page: 11)

Page 10 of 23
PDF with 160 Questions

To reduce the captain's work load in a search head cluster, what setting will prevent scheduled searches from running on the captain?

  1. adhoc_searchhead = true (on all members)
  2. adhoc_searchhead = true (on the current captain)
  3. captain_is_adhoc_searchhead = true (on all members)
  4. captain_is_adhoc_searchhead = true (on the current captain)

Answer(s): D


Reference:

https://docs.splunk.com/Documentation/Splunk/7.3.1/DistSearch/Adhocclustermember



At which default interval does metrics.log generate a periodic report regarding license utilization?

  1. 10 seconds
  2. 30 seconds
  3. 60 seconds
  4. 300 seconds

Answer(s): B


Reference:

https://docs.splunk.com/Documentation/Splunk/7.3.2/Troubleshooting/Aboutmetricslog



Which of the following is a good practice for a search head cluster deployer?

  1. The deployer only distributes configurations to search head cluster members when they “phone home”.
  2. The deployer must be used to distribute non-replicable configurations to search head cluster members.
  3. The deployer must distribute configurations to search head cluster members to be valid configurations.
  4. The deployer only distributes configurations to search head cluster members with splunk apply shcluster-bundle.

Answer(s): A



A new Splunk customer is using syslog to collect data from their network devices on port 514. What is the best practice for ingesting this data into Splunk?

  1. Configure syslog to send the data to multiple Splunk indexers.
  2. Use a Splunk indexer to collect a network input on port 514 directly.
  3. Use a Splunk forwarder to collect the input on port 514 and forward the data.
  4. Configure syslog to write logs and use a Splunk forwarder to collect the logs.

Answer(s): C


Reference:

https://wiki.splunk.com/Community:BestPracticeForConfiguringSyslogInput






Post your Comments and Discuss Splunk® SPLK-2002 exam with other Community members:

SPLK-2002 Discussions & Posts