Free Download SPLK-1003 Examp Dump: Splunk.SPLK-1003.BrainDumps.2019-09-16.28q.vcex

Question 1

Which parent directory contains the configuration files in Splunk?

$SPLUNK_HOME/etc
$SPLUNK_HOME/var
$SPLUNK_HOME/conf
$SPLUNK_HOME/default

Correct answer: A

Explanation:

Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Admin/Configurationfiledirectories

Question 2

Which forwarder type can parse data prior to forwarding?

Universal forwarder
Heaviest forwarder
Hyper forwarder
Heavy forwarder

Correct answer: D

Explanation:

Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Forwarding/Typesofforwarders

Question 3

Which Splunk component consolidates the individual results and prepares reports in a distributed environment?

Indexers
Forwarder
Search head
Search peers

Correct answer: A

Explanation:

Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Indexer/Advancedindexingstrategy

Question 4

Where should apps be located on the deployment server that the clients pull from?

$SPLUNK_HOME/etc/apps
$SPLUNK_HOME/etc/search
$SPLUNK_HOME/etc/master-apps
$SPLUNK_HOME/etc/deployment-apps

Correct answer: A

Explanation:

Reference: https://answers.splunk.com/answers/371099/how-to-configure-deployment-apps-to-push-to-client.html

Question 5

This file has been manually created on a universal forwarder:

/opt/splunkforwarder/etc/apps/my_TA/local/inputs.conf

[monitor:///var/log/messages]

sourcetype=syslog

index=syslog

A new Splunk admin comes in and connects the universal forwarders to a deployment server and deploys the same app with a new inputs.conf file:

/opt/splunk/etc/deployment-apps/my_TA/local/inputs.conf

[monitor:///var/log/maillog]

sourcetype=maillog

index=syslog

Which file is now monitored?

/var/log/messages
/var/log/maillog
/var/log/maillog and /var/log/messages
none of the above

Correct answer: C

Question 6

When configuring monitor inputs with whitelists or blacklists, what is the supported method of filtering the lists?

Slash notation
Regular expression
Irregular expression
Wildcard-only expression

Correct answer: B

Explanation:

Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Updating/Filterclients

Question 7

What is required when adding a native user to Splunk? (Select all that apply.)

Password
Username
Full Name
Default app

Correct answer: CD

Explanation:

Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Security/Addandeditusers

Question 8

What are the minimum required settings when creating a network input in Splunk?

Protocol, port number
Protocol, port, location
Protocol, username, port
Protocol, IP, port number

Correct answer: A

Explanation:

Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Data/UsetheHTTPEventCollector

Question 9

Which Splunk component requires a Forwarder license?

Search head
Heavy forwarder
Heaviest forwarder
Universal forwarder

Correct answer: B

Explanation:

Reference: https://answers.splunk.com/answers/70017/heavy-forwarder-costs-and-licenses.html

Question 10

Which optional configuration setting in inputs.conf allows you to selectively forward the data to specific indexer(s)?

_TCP_ROUTING
_INDEXER_LIST
_INDEXER_GROUP
_INDEXER_ROUTING

Correct answer: A

Explanation:

Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Data/Monitorfilesanddirectorieswithinputs.conf

Exam	Splunk Enterprise Certified Admin
Number	SPLK-1003
File Name	Splunk.SPLK-1003.BrainDumps.2019-09-16.28q.vcex
Size	18 KB
Posted	Sep 16, 2019
Download	Splunk.SPLK-1003.BrainDumps.2019-09-16.28q.vcex

Download Splunk.SPLK-1003.BrainDumps.2019-09-16.28q.vcex

File Info

How to open VCEX & EXAM Files?

Demo Questions