NEW QUESTION 1
Which configuration file determines how a universal forwarder forwards data to the indexer?

• A. inputs.conf
• B. outputs.conf
• C. props.conf
• D. transforms.conf

Answer: B

NEW QUESTION 2
What is the name of the directory that contains all the Splunk indexes and other important data??

• A. /bin
• B. /var
• C. /etc
• D. /lib

Answer: B

NEW QUESTION 3
Which command can be used to install the Splunk universal forwarder credentials package on the universal forwarder machine?

• A. splunk install app <path_to_credentials_package>
• B. splunk add app <path_to_credentials_package>
• C. splunk install forwarder-credentials <path_to_credentials_package>
• D. splunk add forwarder-credentials <path_to_credentials_package>

Answer: A

NEW QUESTION 4
What is the name of the dashboard that provides information on incoming data consumption and indexing rate for your Splunk Cloud Platform deployment?

• A. Indexing Performance
• B. Indexing Quality
• C. Indexing Status
• D. Indexing Overview

Answer: A

NEW QUESTION 5
What is the name of the attribute that specifies the name of the stanza in the transforms.conf file that defines the data transformation in the props.conf file?

• A. REGEX
• B. FORMAT
• C. DEST_KEY
• D. TRANSFORMS

Answer: D

NEW QUESTION 6
Which type of forwarder has the lowest system resource usage and the highest data throughput?

• A. Universal forwarder
• B. Heavy forwarder
• C. Light forwarder
• D. Deployment client

Answer: A

NEW QUESTION 7
What is the main advantage of self-service Splunk Cloud over managed Splunk Cloud in terms of cost and control?

• A. Self-service Splunk Cloud costs less to get started and maintain and allows your organization total control in setup and security configurations.
• B. Self-service Splunk Cloud costs more to get started and maintain but allows your organization total control in setup and security configurations.
• C. Self-service Splunk Cloud costs less to get started and maintain but requires your organization to rely on Splunk for setup and security configurations.
• D. Self-service Splunk Cloud costs more to get started and maintain and requires your organization to rely on Splunk for setup and security configurations.

Answer: A

NEW QUESTION 8
What is the name of the Splunk Cloud feature that allows you to get data from APIs and other remote data interfaces through scripted inputs?

• A. Splunk Cloud Data Connectors
• B. Splunk Cloud Data Integrations
• C. Splunk Cloud Data Collectors
• D. Splunk Cloud Data Sources

Answer: C

NEW QUESTION 9
Which file processor can be used to index files that are not actively written to or updated?

• A. Monitor
• B. MonitornoHandle
• C. Upload
• D. None of the above

Answer: C

NEW QUESTION 10
Which Splunk add-on simplifies the process of getting data into Splunk Cloud Platform from Windows Event Log channels?

• A. Splunk Add-on for Windows
• B. Splunk Add-on for Infrastructure
• C. Splunk Add-on for Active Directory
• D. Splunk Add-on for DNS

Answer: A

NEW QUESTION 11
Which configuration file needs to be edited to configure the universal forwarder to act as a deployment client?

• A. deploymentclient.conf
• B. server.conf
• C. outputs.conf
• D. inputs.conf

Answer: A

NEW QUESTION 12
Which setting in inputs.conf can be used to specify the interval at which the script runs for a scripted input?

• A. interval
• B. frequency
• C. schedule
• D. cron

Answer: A

NEW QUESTION 13
What is the name of the configuration file that governs data inputs such as forwarders and file system monitoring?

• A. inputs.conf
• B. props.conf
• C. transforms.conf
• D. outputs.conf

Answer: A

NEW QUESTION 14
What are the four default roles that Splunk Cloud Platform comes with?

• A. admin, power, user, can_delete
• B. admin, power, user, sc_admin
• C. admin, power, user, guest
• D. admin, power, user, can_write

Answer: B

NEW QUESTION 15
Which setting in inputs.conf can be used to specify the SSL certificate for a TCP or UDP input?

• A. sslCertPath
• B. sslRootCAPath
• C. sslPassword
• D. All of the above

Answer: D

NEW QUESTION 16
What is the name of the Splunk Enterprise feature that provides a security data and event management (SIEM) solution that uses machine data to detect and respond to threats?

• A. Splunk Enterprise Security
• B. Splunk Enterprise Intelligence
• C. Splunk Enterprise Analytics
• D. Splunk Enterprise Monitoring

Answer: A

NEW QUESTION 17
What is the name of the topology that allows you to initiate searches from an on-premises Splunk Enterprise search head to a single Splunk Cloud Platform deployment?

• A. Hybrid Search Topology
• B. Federated Search Topology
• C. Distributed Search Topology
• D. Clustered Search Topology

Answer: A

NEW QUESTION 18
Which type of forwarder can act as an intermediate forwarder to receive data from other forwarders and send it to the indexer?

• A. Universal forwarder
• B. Heavy forwarder
• C. Light forwarder
• D. Any type of forwarder

Answer: B

NEW QUESTION 19
......