Free SPLK-1003 Exam Braindumps

Pass your Splunk Enterprise Certified Admin exam with these free Questions and Answers

Page 2 of 28
QUESTION 1

Where should apps be located on the deployment server that the clients pull from?

  1. A. $SPLUNK_HOME/etc/apps
  2. B. $SPLUNK_HOME/etc/search
  3. C. $SPLUNK_HOME/etc/master-apps
  4. D. $SPLUNK_HOME/etc/deployment-apps

Correct Answer: A
Reference: https://answers.splunk.com/answers/371099/how-to-configure-deployment-apps-to-push-to-client.html

QUESTION 2

The universal forwarder has which capabilities when sending data? (Select all that apply.)

  1. A. Sending alerts
  2. B. Compressing data
  3. C. Obfuscating/hiding data
  4. D. Indexer acknowledgement

Correct Answer: D
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Forwarding/Typesofforwarders

QUESTION 3

Where can scripts for scripted inputs reside on the host file system? (Select all that apply.)

  1. A. $SPLUNK_HOME/bin/scripts
  2. B. $SPLUNK_HOME/etc/apps/bin
  3. C. $SPLUNK_HOME/etc/system/bin
  4. D. $SPLUNK_HOME/etc/apps//bin

Correct Answer: ACD
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Data/Getdatafromscriptedinputs#Where_to_place_the_scripts_for_scripted_inputs

QUESTION 4

Which option accurately describes the purpose of the HTTP Event Collector (HEC)?

  1. A. A token-based HTTP input that is secure and scalable and that requires the use of forwarders.
  2. B. A token-based HTTP input that is secure and scalable and that does not require the use of forwarders.
  3. C. An agent-based HTTP input that is secure and scalable and that does not require the use of forwarders.
  4. D. A token-based HTTP input that is insecure and non-scalable and that does not require the use of forwarders.

Correct Answer: B
Reference: http://dev.splunk.com/view/event-collector/SP-CAAAE6M

QUESTION 5

Which of the following apply to how distributed search works? (Select all that apply.)

  1. A. The search head dispatches searches to the peers.
  2. B. The search peers pull the data from the forwarders.
  3. C. Peers run searches in parallel and return their portion of results.
  4. D. The search head consolidates the individual results and prepares reports.

Correct Answer: A
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/DistSearch/Whatisdistributedsearch
