Splunk Core Certified User & Splunk Fundamentals 1 | 237 questions | with correct answers
T/F:
Machine data is always structured. CORRECT ANSWER False.
Machine data can be structured or unstructured.
Machine data makes up more than ___% of the data accumulated by organizations. CORRECT ANSWER 90
T/F:
Machine data is only generated by web servers. CORRECT ANSWER False
Search requests are processed by the ___________. CORRECT ANSWER Indexers
Search strings are sent from the _________. CORRECT ANSWER Search Head
In most Splunk deployments, ________ serve as the primary way data is supplied for indexing. CORRECT ANSWER Forwarders
Which of these is *not* a main component of Splunk?
A) Search and investigate.
B) Compress and archive.
C) Add knowledge.
D) Collect and index data. CORRECT ANSWER B) Compress and archive
What are the three main processing components of Splunk? *(Select all that apply.)*
A) Indexers
B) Deployment Maker
C) Search Heads
D) Forwarders
E) Distributors CORRECT ANSWER A) Indexers
C) Search Heads
D) Forwarders
_________ define what users can do in Splunk.
A) Tokens
B) Disk permissions
C) Roles CORRECT ANSWER C) Roles
This role will only see their own knowledge objects and those that have been shared with them.
A) User
B) Power
C) Admin CORRECT ANSWER A) User
T/F:
You can launch and manage apps from the home app. CORRECT ANSWER True
What are the three main default roles in Splunk Enterprise? *(Select all that apply.)*
A) King
B) User
C) Manager
D) Admin
E) Power CORRECT ANSWER B) User
D) Admin
E) Power
Which apps ship with Splunk Enterprise?
*(Select all that apply.)*
A) Home App
B) Sideview Utils
C) Search & Reporting
D) DB Connect CORRECT ANSWER A) Home App
C) Search & Reporting
The default username and password for a newly installed Splunk instance is:
A) username and password
B) admin and changeme
C) admin and 12345
D) buttercup and rawks CORRECT ANSWER B) admin and changeme
Files indexed using the *upload* input option get indexed _____.
A) Each time Splunk restarts.
B) Every hour.
C) On every search.
D) Once. CORRECT ANSWER D) Once.
T/F:
The monitor input option will allow you to continuously monitor files. CORRECT ANSWER True
Splunk knows where to break the event, where the time stamp is located and how to automatically create field value pairs using these.
A) Line breaks
B) Source types
C) File names CORRECT ANSWER B) Source types
Splunk uses ______________ to categorize the type of data being indexed. CORRECT ANSWER sourcetype
In most production environments, _____________ will be used as your source of data input. CORRECT ANSWER Forwarders
How is the *asterisk* used in Splunk search?
A) As a wildcard.
B) To make a nose for your clown emoticon.
C) As a place holder.
D) To add up numbers. CORRECT ANSWER A) As a wildcard.