In case of a conflict between a whitelist and a blacklist input setting, which one is used?

SPLK-1003 V1 0 Comments

In case of a conflict between a whitelist and a blacklist input setting, which one is used?
A . Blacklist
B . Whitelist
C . They cancel each other out.
D . Whichever is entered into the configuration first.

Answer: A

Explanation:

https://docs.splunk.com/Documentation/Splunk/8.0.4/Data/Whitelistorblacklistspecificincomingdat a

"It is not necessary to define both an allow list and a deny list in a configuration stanza. The settings are independent. If you do define both filters and a file matches them both, Splunk Enterprise does not index that file, as the blacklist filter overrides the whitelist filter." Source: https://docs.splunk.com/Documentation/Splunk/8.1.0/Data/Whitelistorblacklistspecificincomingdat a

Latest SPLK-1003 Dumps Valid Version with 119 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SPLK-1003 PDF     SPLK-1003 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments