Create Next App

Exam contains 60 questions

Page 1 of 10

Question 1 🔥

How are HTTP Event Collector (HEC) tokens configured in a managed Splunk Cloud environment?

Which database solution meets these requirements?

A. Any token will be accepted by HEC, the data may just end up in the wrong index.

Highly voted

B. A token is generated when configuring a HEC input, which should be provided to the application developers.

Highly voted

C. Obtain a token from the organization’s application developers and apply it in Settings > Data Inputs > HTTP Event Collector > New Token.

Highly voted

D. Open a support case for each new data input and a token will be provided.

Highly voted

Discussion of the question

Question 2 🔥

The following Apache access log is being ingested into Splunk via a monitor input:How does Splunk determine the time zone for this event?

Which database solution meets these requirements?

A. The value of the TZ attribute in props.conf for the access_combined sourcetype.

Highly voted

B. The value of the TZ attribute in props.conf for the my.webserver.example host.

Highly voted

C. The time zone of the Heavy/Intermediate Forwarder with the monitor input.

Highly voted

D. The time zone indicator in the raw event data.

Highly voted

Discussion of the question

Question 3 🔥

What syntax is required in inputs.conf to ingest data from files or directories?

Which database solution meets these requirements?

A. A monitor stanza, sourcetype, and index is required to ingest data.

Highly voted

B. A monitor stanza, sourcetype, index, and host is required to ingest data.

Highly voted

C. A monitor stanza and sourcetype is required to ingest data.

Highly voted

D. Only the monitor stanza is required to ingest data.

Highly voted

Discussion of the question

Question 4 🔥

A user has been asked to mask some sensitive data without tampering with the structure of the file /var/log/purchases/transactions.log that has the following format:2020-01-01 00:01:20 User=bob SuperSecretNumber=123456789012 Operation=purchase2020-01-01 16:15:32 User=alice SuperSecretNumber=123456789012 Operation=purchaseWhich of the stanzas below will achieve this?

Which database solution meets these requirements?

Highly voted

Discussion of the question

Question 5 🔥

Which of the following are valid settings for file and directory monitor inputs?

Which database solution meets these requirements?

A. host, index, source_length, _TCP_Routing, host_segment

Highly voted

B. host, index, sourcetype, _TCP_Routing, host_regex, host_segment

Highly voted

C. host, index, directory, host_regex, host_segment

Highly voted

D. host, index, sourcetype, _UDP_Routing, host_regex, host_segment

Highly voted

Discussion of the question

Question 6 🔥

When monitoring directories that contain mixed file types, which setting should be omitted from inputs.conf and instead be overridden in props.conf?

Which database solution meets these requirements?

A. sourcetype

Highly voted

B. host

Highly voted

C. source

Highly voted

D. index

Highly voted

Discussion of the question

Ready to Pass Your Certification Test

splunk SPLK_1005

Exam contains 60 questions

Lorem ipsum dolor sit amet consectetur. Eget sed turpis aenean sit aenean. Integer at nam ullamcorper a.

Company

Product

Resources

Follow us