Splunk Certified Admin with 100% complete solutions already graded A

which parent directory contains the configuration files in Splunk? $SPLUNK_HOME/etc where can scripts for scripted inputs reside on the host file system? $SPLUNK_HOME/bin/scripts $SPLUNK_HOME/etc/system/bin In which Splunk configuration is the SEDCMD used User Role inheritance allows what to be inherited? Capabilities Index Access What are the correct order of steps in Duo Multifactor Authentication? 1. request login 2.Duo MFA 3.Authentication Granted 4. Connect to SAML server 5. Log in to Splunk 6. create user session which Splunk component consolidates the individual results and prepares reports in a distributed environment? Search Head Within the , which stanzas are valid for data modification? Sourcetype Source Host to set up a network input in Splunk, what needs to be specified? Network Protocol and port number what enables compression for the universal forwarders in the ? [tcpout] defaultGroup=my_indexers compressed=true in which phase of the index time process does the license metering occur? indexing phase The priority of layered Splunk configuration files depends on the fileOs: Context what are supported configuration methods to add inputs on a forwarder? Edit Forwarder Management CLI when running this command what is the default path in which is created? splunk set deploy-poll deployServer:port SPLUNK_HOME/etc/system/local what statements describe deployment management? Requires an Enterprise license Is responsible for sending apps to forwarders Where should apps be located on the deployment server that clients pull from? $SPLUNK_HOME/etc/deployment-apps Which Splunk forwarder type allows parsing of data before forwarding to an indexer? Heavy forwarder In the case of a conflict between a whitelist and blacklist input setting, which one is used? Blacklist Which forwarder type can parse data prior to forwarding? Heavy forwarder what options are available when creating custom roles? Allow or restrict indexes that can be searched limit the number of concurrent search jobs Restrict search terms Which Splunk component distributes apps and certain other configuration updates to search head cluster members? Deployer