Splunk SPLK-1003 - Splunk Enterprise Certified Admin Exam
Page: 2 / 42
Total 209 questions
Question #6 (Topic: Single Topic)
Which parent directory contains the configuration files in Splunk?
A. $SPLUNK_HOME/etc
B. $SPLUNK_HOME/var
C. $SPLUNK_HOME/conf
D. $SPLUNK_HOME/default
Answer: A
Question #7 (Topic: Single Topic)
Which forwarder type can parse data prior to forwarding?
A. Universal forwarder
B. Heaviest forwarder
C. Hyper forwarder
D. Heavy forwarder
Answer: D
Question #8 (Topic: Single Topic)
Which Splunk component consolidates the individual results and prepares reports in a distributed environment?
A. Indexers
B. Forwarder
C. Search head
D. Search peers
Answer: C
Question #9 (Topic: Single Topic)
Which Splunk component distributes apps and certain other configuration updates to search head cluster members?
A. Deployer
B. Cluster master
C. Deployment server
D. Search head cluster master
Answer: A
Question #10 (Topic: Single Topic)
Where should apps be located on the deployment server that the clients pull from?
A. $SPLUNK_HOME/etc/apps
B. $SPLUNK_HOME/etc/search
C. $SPLUNK_HOME/etc/master-apps
D. $SPLUNK_HOME/etc/deployment-apps
Answer: D
