Home

Home / Splunk / SPLK-1005

Question list

List of questions

Question 1

(0)

A monitor has been created in inputs. con: for a directory that contains a mix of file types. How would a Cloud Admin fine-tune assigned sourcetypes for different files in the directory during the

Question 2

(0)

Windows Input types are collected in Splunk via a script which is configurable using the GUI. What is this type of input called?

Question 3

(0)

The following sample log event shows evidence of credit card numbers being present in the transactions. loc file. Which of these SEDCM3 settings will mask this and other suspected credit card num

Question 4

(0)

Which of the following is a correct statement about Universal Forwarders?

Question 5

(0)

Which of the following is true when integrating LDAP authentication?

Question 6

(0)

A Splunk Cloud administrator is looking to allow a new group of Splunk users in the marketing department to access the Splunk environment and view a dashboard with relevant data. These users need to

Question 7

(0)

Files from multiple systems are being stored on a centralized log server. The files are organized into directories based on the original server they came from. Which of the following is a recommende

Question 8

(0)

In which file can the SH0ULD_LINEMERCE setting be modified?

Question 9

(0)

What is the recommended approach to collect data from network devices?

Question 10

(0)

When a forwarder phones home to a Deployment Server it compares the check-sum value of the forwarder's app to the Deployment Server's app. What happens to the app If the check-sum values do not matc

Open VPLUS File

Convert VPLUS to PDF

Related questions

When creating a new index, which of the following is true about archiving expired events?

Where can an administrator download the Splunk Cloud Universal Forwarder credentials package?

What two files are used in the data transformation process?

How is it possible to test a script from the Splunk perspective before using it within a scripted input?

A customer has worked with their LDAP administrator to configure an LDAP strategy in Splunk. The configuration works, and user Mia can log into Splunk using her LDAP Account. After some time, the Splunk Cloud administrator needs to move Mia from the user role to the power role. How should they accomplish this?

Which of the following are default Splunk Cloud user roles?

Due to internal security policies, a Splunk Cloud administrator cannot send data directly to Splunk Cloud from certain data sources. Additional parsing and API-based data sources also need to be sent to Splunk Cloud. What forwarder type should the Splunk Cloud administrator use to satisfy these requirements within their environment?

Which of the following statements is true regarding sedcmd?

Which of the following is a valid method to test if a forwarder can successfully send data to Splunk Cloud?

What is a private app?

Question 28 - SPLK-1005 discussion

Report

Which of the following statements is true about data transformations using SEDCMD?

A.

Can only be used to mask or truncate raw data.

B.

Configured in props.conf and transform.conf.

C.

Can be used to manipulate the sourcetype per event.

D.

Operates on a REGEX pattern match of the source, sourcetype, or host of an event.

Show Answer

asked 10/10/2024

cristian vargas

42 questions

User

Your answer: A B C D

0 comments

Sorted by

Leave a comment first