SPLK 1003 Splunk Enterprise Certified Admin Test Study Questions with 100% Correct Answers
4 views 0 purchase
Course
SPLK 1002
Institution
SPLK 1002
Which Splunk component manages requests from users?
a) Search head
b) Indexer
c) Forwarder
d) Deployer - Answer Search Head
Which Splunk component manages baselines and apps for search head cluster members?
a) Deployment server
b) Deployer
c) Cluster master
d) License master - Answer Deplo...
SPLK 1003 Splunk Enterprise Certified Admin Test Study Questions with 100% Correct Answers Which Splunk component manages requests from users? a) Search head b) Indexer c) Forwarder d) Deployer - Answer Search Head Which Splunk component manages baselines and apps for search head cluster members? a) Deployment server b) Deployer c) Cluster master d) License master - Answer Deployer Which of the following are the two categories of Sp lunk components? a) Searching and Deploying b) Parsing and Indexing c) Delivery and Installation d) Processing and Management - Answer Processing and Management Which of the following cannot receive data? a) Forwarders b) Indexers c) Search heads d) None of the above - Answer None of the above What happens when there are multiple instances of the same configuration file? a) Splunk asks which one you want to delete b) Splunk combines all stanzas from all configuration files and applies them globally c) Splunk evaluates them based on precedence d) Splunk crashes - Answer Splunk combines all stanzas from all configuration files and applies them globally Which configur ation file defines indexes? a) transforms.conf b) props.con c) inputs.conf d) outputs.conf - Answer inputs.conf In Linux, the default $SPLUNK_HOME$ directory is a) /etc/splunk b) /dev/splunk c) /opt/splunk d) var/splunk - Answer /opt/splunk Global config uration files reside in a) /var/lib b) /etc/users/<username> c) /etc/apps/<app_name> d) /etc/system - Answer /etc/system The general precedence for configuration files is a) local then default b) default then local c) local then modified d) modified than local - Answer local then default Which of the following is the best way to see which stanzas from which configuration files Splunk is using at runtime? a) Run the search "runtime=*" b) Use btool c) Check the Linux PIDs or Windows Perfmon for running processes d) Delete all unnecessary con figuration files - Answer Use btool Within a configuration file, different sections are broken out by a) attributes b) values c) stanzas d) rows - Answer stanzas True or False: When you create a new index, Splunk appends the indexes.conf file located at $SPLUNK_HOME/etc/system/default/indexes.conf - Answer False Configuration files can be edited a) In Splunk web b) In the CLI c) A only d) B only e) A&B - Answer A&B
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Examsplug. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.49. You're not tied to anything after your purchase.
