Free SPLK-1003 Exam Braindumps

What hardware attribute would you need to be changed to increase the number of simultaneous searches (ad-hoc and scheduled) on a single search head?

1. A. Disk
2. B. CPUs
3. C. Memory
4. D. Network interface cards

Correct Answer: B
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/DistSearch/SHCarchitecture

What is the default character encoding used by Splunk during the input phase?

1. A. UTF-8
2. B. UTF-16
3. C. EBCDIC
4. D. ISO 8859

Correct Answer: A
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Data/Configurecharactersetencoding

What type of data is counted against the Enterprise license at a fixed 150 bytes per event?

1. A. License data
2. B. Metrics data
3. C. Internal Splunk data
4. D. Internal Windows logs

Correct Answer: B
Reference: https://answers.splunk.com/answers/581441/how-is-the-splunk-license-measured.html

Which of the following statements apply to directory inputs? (Select all that apply.)

1. A. All discovered text files are consumed.
2. B. Compressed files are ignored by default.
3. C. Splunk recursively traverses through the directory structure.
4. D. When adding new log files to a monitored directory, the forwarder must be restarted to take them into account.

Correct Answer: C
Reference: https://answers.splunk.com/answers/133875/recursive-monitoring-of -directories.html

Local user accounts created in Splunk store passwords in which file?

1. A. $SPLUNK_HOME/etc/passwd
2. B. $SPLUNK_HOME/etc/authentication
3. C. $SPLUNK_HOME/etc/users/passwd.conf
4. D. $SPLUNK_HOME/etc/users/authentication.conf

Correct Answer: A
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Admin/User-seedconf