Free Demo Questions

Test Online Free Splunk SPLK-1005 Exam Questions and Answers

Practice a live sample before buying full access. This page keeps the free SPLK-1005 question set organized by page so visitors and search engines can reach the canonical -questions.html URL directly.

Updated Nov 13, 2024 25 Questions 2 Pages

Get SPLK-1005 Full Access

Question 1 Selectable Answer

Which feature of forwarders can prevent data loss in case of network failure or congestion?

A. Data compression
B. SSL security
C. Configurable buffering
D. Persistent queues

Answer:

Question 2 Selectable Answer

Which file processor can be used to index files that are not actively written to or updated?

A. Monitor
B. MonitornoHandle
C. Upload
D. None of the above

Answer:

Question 3 Selectable Answer

Which configuration file determines how a universal forwarder forwards data to the indexer?

A. inputs.conf
B. outputs.conf
C. props.conf
D. transforms.conf

Answer:

Question 4 Selectable Answer

Which setting in inputs.conf can be used to specify the command to run the script for a scripted input?

A. script
B. command
C. exec
D. run

Answer:

Question 5 Selectable Answer

Which type of forwarder can perform data parsing and enrichment before sending it to the indexer?

A. Universal forwarder
B. Heavy forwarder
C. Deployment server
D. Search head

Answer:

Question 6 Selectable Answer

Which configuration file needs to be edited to configure the universal forwarder to act as a deployment client?

A. deploymentclient.conf
B. server.conf
C. outputs.conf
D. inputs.conf

Answer:

Question 7 Selectable Answer

What is the name of the configuration file where you can specify the source type for a data input?

A. limits.conf
B. props.conf
C. inputs.conf
D. transforms.conf

Answer:

Question 8 Selectable Answer

Which configuration file needs to be edited to enable local indexing on the forwarder?

A. outputs.conf
B. inputs.conf
C. props.conf
D. transforms.conf

Answer:

Question 9 Selectable Answer

Which setting in inputs.conf can be used to specify the interval at which the script runs for a scripted input?

A. interval
B. frequency
C. schedule
D. cron

Answer:

Question 10 Selectable Answer

What is the name of the process that breaks the stream of raw data into individual lines called events?

A. Line breaking
B. Event annotation
C. Event transformation
D. Timestamp extraction

Answer:

Question 11 Selectable Answer

Which type of forwarder can act as an intermediate forwarder to receive data from other forwarders and send it to the indexer?

A. Universal forwarder
B. Heavy forwarder
C. Light forwarder
D. Any type of forwarder

Answer:

Question 12 Selectable Answer

What is the main advantage of self-service Splunk Cloud over managed Splunk Cloud in terms of cost and control?

A. Self-service Splunk Cloud costs more to get started and maintain but allows your organization total control in setup and security configurations.
B. Self-service Splunk Cloud costs less to get started and maintain and allows your organization total control in setup and security configurations.
C. Self-service Splunk Cloud costs more to get started and maintain and requires your organization to rely on Splunk for setup and security configurations.
D. Self-service Splunk Cloud costs less to get started and maintain but requires your organization to rely on Splunk for setup and security configurations.

Answer:

Question 13 Selectable Answer

Which setting in inputs.conf can be used to specify the SSL certificate for a TCP or UDP input?

A. sslCertPath
B. sslRootCAPath
C. sslPassword
D. All of the above

Answer:

Question 14 Selectable Answer

What is the name of the default field that stores the timestamps in UNIX time when data is indexed?

A. _time
B. _timestamp
C. _date
D. _epoch

Answer:

Question 15 Selectable Answer

Which command can be used to install a universal forwarder on a Linux system?

A. splunk install forwarder
B. splunk forwarder install
C. splunk add forward-server
D. splunk enable boot-start

Answer:

Current Exam

SPLK-1005

Splunk
Splunk Cloud Certified Admin

View Full SPLK-1005 Package