Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Splunk® SPLK-1005

Splunk® SPLK-1005 Exam Practice Questions (P. 1)

  • Full Access (60 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #1
When monitoring directories that contain mixed file types, which setting should be omitted from inputs.conf and instead be overridden in props.conf?
  1. A
    sourcetype
  2. B
    host
  3. C
    source
  4. D
    index

Correct Answer: A ?️

Question #2
How are HTTP Event Collector (HEC) tokens configured in a managed Splunk Cloud environment?
  1. A
    Any token will be accepted by HEC, the data may just end up in the wrong index.
  2. B
    A token is generated when configuring a HEC input, which should be provided to the application developers.
  3. C
    Obtain a token from the organization’s application developers and apply it in Settings > Data Inputs > HTTP Event Collector > New Token.
  4. D
    Open a support case for each new data input and a token will be provided.

Correct Answer: B ?️

Question #3
The following Apache access log is being ingested into Splunk via a monitor input:

How does Splunk determine the time zone for this event?
  1. A
    The value of the TZ attribute in props.conf for the access_combined sourcetype.
  2. B
    The value of the TZ attribute in props.conf for the my.webserver.example host.
  3. C
    The time zone of the Heavy/Intermediate Forwarder with the monitor input.
  4. D
    The time zone indicator in the raw event data.

Correct Answer: D ?️

Question #4
What syntax is required in inputs.conf to ingest data from files or directories?
  1. A
    A monitor stanza, sourcetype, and index is required to ingest data.
  2. B
    A monitor stanza, sourcetype, index, and host is required to ingest data.
  3. C
    A monitor stanza and sourcetype is required to ingest data.
  4. D
    Only the monitor stanza is required to ingest data.

Correct Answer: D ?️

Question #5
A user has been asked to mask some sensitive data without tampering with the structure of the file /var/log/purchases/transactions.log that has the following format:
2020-01-01 00:01:20 User=bob SuperSecretNumber=123456789012 Operation=purchase
2020-01-01 16:15:32 User=alice SuperSecretNumber=123456789012 Operation=purchase
Which of the stanzas below will achieve this?
  1. A
  2. B
  3. C
  4. D

Correct Answer: A ?️

Next Questions

All Pages