ExamGecko
Search Search Login
Home Home / Splunk / SPLK-1005
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Where can an administrator download the Splunk Cloud Universal Forwarder credentials package?
Which of the following are default Splunk Cloud user roles?
When creating a new index, which of the following is true about archiving expired events?
What two files are used in the data transformation process?
How is it possible to test a script from the Splunk perspective before using it within a scripted input?
Which of the following statements is true regarding sedcmd?
What is a private app?
Due to internal security policies, a Splunk Cloud administrator cannot send data directly to Splunk Cloud from certain data sources. Additional parsing and API-based data sources also need to be sent to Splunk Cloud. What forwarder type should the Splunk Cloud administrator use to satisfy these requirements within their environment?
Which of the following is a valid method to test if a forwarder can successfully send data to Splunk Cloud?
A customer has worked with their LDAP administrator to configure an LDAP strategy in Splunk. The configuration works, and user Mia can log into Splunk using her LDAP Account. After some time, the Splunk Cloud administrator needs to move Mia from the user role to the power role. How should they accomplish this?

Question 77 - SPLK-1005 discussion

Report
Export

Due to internal security policies, a Splunk Cloud administrator cannot send data directly to Splunk Cloud from certain data sources. Additional parsing and API-based data sources also need to be sent to Splunk Cloud. What forwarder type should the Splunk Cloud administrator use to satisfy these requirements within their environment?

A.

Syslog-ng server with a universal forwarder

Answers
A.

Syslog-ng server with a universal forwarder

B.

Light forwarder as an intermediate forwarder

Answers
B.

Light forwarder as an intermediate forwarder

C.

Heavy forwarder as an intermediate forwarder

Answers
C.

Heavy forwarder as an intermediate forwarder

D.

Universal forwarder as an intermediate forwarder

Answers
D.

Universal forwarder as an intermediate forwarder

Suggested answer: C

Explanation:

A heavy forwarder is appropriate in this scenario because it can perform additional data parsing, filtering, and routing before forwarding data to Splunk Cloud. This is particularly useful for data that requires preprocessing or cannot be sent directly due to security policies. [Reference: Splunk Docs on forwarder types and capabilities]

Show Answer
asked 13/11/2024
Fatmata Kabba
51 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms