SPLK-2002 – Splunk Enterprise Certified Architect Exam

Loading demo links...

Showing 1–3 of 10 questions

Question 1

Splunk Enterprise platform instrumentation refers to data that the Splunk Enterprise deployment logs in the _introspection index. Which of the following logs are included in this index? (Select all that apply.)

Select all that apply, then click Submit answer.

○
audit.log
○
metrics.log
○
disk_objects.log
○
resource_usage.log

Question 2

A multi-site indexer cluster can be configured using which of the following? (Select all that apply.)

Select all that apply, then click Submit answer.

○
Via Splunk Web.
○
Directly edit SPLUNK_HOME/etc/system/local/server.conf
○
Run a splunk edit cluster-config command from the CLI.
○
Directly edit SPLUNK_HOME/etc/system/default/server.conf

Question 3

Which of the following options can improve reliability of syslog delivery to Splunk? (Select all that apply.)

Select all that apply, then click Submit answer.

○
Use TCP syslog.
○
Configure UDP inputs on each Splunk indexer to receive data directly.
○
Use a network load balancer to direct syslog traffic to active backend syslog listeners.
○
Use one or more syslog servers to persist data with a Universal Forwarder to send the data to Splunk indexers.

← Prev 1 2 3 4 Next →

Page 1 of 4

Sale Ends In

2h 0m 0s