SPLK-2002 V1

Which of the following are client filters available in serverclass.conf? (Select all that apply.)A . DNS name.B . IP address.C . Splunk server role.D . Platform (machine type).View AnswerAnswer: A, B, D Explanation: The client filters available in serverclass.conf are DNS name, IP address, and platform (machine type). These filters...

Which of the following clarification steps should be taken if apps are not appearing on a deployment client? (Select all that apply.)A . Check serverclass.conf of the deployment server.B . Check deploymentclient.conf of the deployment client.C . Check the content of SPLUNK_HOME/etc/apps of the deployment server.D . Search for relevant...

To optimize the distribution of primary buckets; when does primary rebalancing automatically occur? (Select all that apply.)A . Rolling restart completes.B . Master node rejoins the cluster.C . Captain joins or rejoins cluster.D . A peer node joins or rejoins the cluster.View AnswerAnswer: A, B, D Explanation: Primary rebalancing automatically...

A multi-site indexer cluster can be configured using which of the following? (Select all that apply.)A . Via Splunk Web.B . Directly edit SPLUNK_HOME/etc./system/local/server.confC . Run a Splunk edit cluster-config command from the CLI.D . Directly edit SPLUNK_HOME/etc/system/default/server.confView AnswerAnswer: B, C Explanation: A multi-site indexer cluster can be configured by...

Which of the following will cause the greatest reduction in disk size requirements for a cluster of N indexers running Splunk Enterprise Security?A . Setting the cluster search factor to N-1.B . Increasing the number of buckets per index.C . Decreasing the data model acceleration range.D . Setting the cluster...

In a four site indexer cluster, which configuration stores two searchable copies at the origin site, one searchable copy at site2, and a total of four searchable copies?A . site_search_factor = origin:2, site1:2, total:4B . site_search_factor = origin:2, site2:1, total:4C . site_replication_factor = origin:2, site1:2, total:4D . site_replication_factor = origin:2,...

Which of the following should be included in a deployment plan?A . Business continuity and disaster recovery plans.B . Current logging details and data source inventory.C . Current and future topology diagrams of the IT environment.D . A comprehensive list of stakeholders, either direct or indirect.View AnswerAnswer: A, B, C...

The guidance Splunk gives for estimating size on for syslog data is 50% of original data size. How does this divide between files in the index?A . rawdata is: 10%, tsidx is: 40%B . rawdata is: 15%, tsidx is: 35%C . rawdata is: 35%, tsidx is: 15%D . rawdata is:...

In search head clustering, which of the following methods can you use to transfer captaincy to a different member? (Select all that apply.)A . Use the Monitoring Console.B . Use the Search Head Clustering settings menu from Splunk Web on any member.C . Run the splunk transfer shcluster-captain command from...

Which of the following describe migration from single-site to multisite index replication?A . A master node is required at each site.B . Multisite policies apply to new data only.C . Single-site buckets instantly receive the multisite policies.D . Multisite total values should not exceed any single-site factors.View AnswerAnswer: B Explanation:...