SPLK-1005 Online Practice Questions and Answers

Which command can be used to install a universal forwarder on a Linux system?

A. splunk install forwarder

B. splunk forwarder install

C. splunk add forward-server

D. splunk enable boot-start

Which setting in inputs.conf can be used to specify the command to run the script for a scripted input?

A. script

B. command

C. exec

D. run

What is the name of the configuration file where you can set custom rules for event line breaking and line merging for a specific app?

A. inputs.conf

B. outputs.conf

C. props.conf

D. transforms.conf

Which setting in inputs.conf can be used to specify the interval at which the script runs for a scripted input?

A. interval

B. frequency

C. schedule

D. cron

What are the three types of data that indexes contain in Splunk Cloud?

A. Raw data, index data, and metadata

B. Raw data, event data, and metadata

C. Raw data, index data, and event data

D. Raw data, index data, and metrics data

Which setting in inputs.conf can be used to specify the maximum size of a file that can be monitored by Splunk?

A. max_file_size

B. max_file_age

C. max_file_count

D. max_file_bytes

What is the main advantage of managed Splunk Cloud over self-service Splunk Cloud in terms of scalability and reliability?

A. Managed Splunk Cloud provides a single-instance environment that can scale up to 10TB/day and offers a 100% uptime SLA.

B. Managed Splunk Cloud provides a clustered environment that can scale up to 10TB/day and offers a 100% uptime SLA.

C. Managed Splunk Cloud provides a single-instance environment that can scale up to 5TB/day and offers a 99.9% uptime SLA.

D. Managed Splunk Cloud provides a clustered environment that can scale up to 5TB/day and offers a 99.9% uptime SLA.

Which feature of forwarders can protect the data from unauthorized access or tampering?

A. Data compression

B. SSL security

C. Data masking

D. Data encryption

What is the default value of the LINE_BREAKER setting that splits the incoming stream of data into separate lines?

A. Any sequence of newlines and carriage returns

B. Any sequence of spaces and tabs

C. Any sequence of punctuation marks

D. Any sequence of alphanumeric characters

What is the name of the Splunk Enterprise feature that provides a security data and event management (SIEM) solution that uses machine data to detect and respond to threats?

A. Splunk Enterprise Security

B. Splunk Enterprise Intelligence

C. Splunk Enterprise Analytics

D. Splunk Enterprise Monitoring