Which file is used for role and mapping
- authorize.conf (Ans)
- authorizes.conf
- authentication.conf
- limits.conf
You can not search the data in frozen stage of bucket
- True (Ans)
- False
Attributes in indexes.conf to freeze data when it grows too old
- frozenTimePeriodInSecs (Ans)
- frozenTimePeriodInMinutes
- frozenTimePeriodInHour
- MaxDataSizeInMb
Which Splunk License does not exist
- search head (Ans)
- forwarder
- free
- Splunk Enterprise
You can not back up hot buckets
- Yes, you can not do
- No , you can back up hot buckets
- You can back up hot buckets as well, you need to take a snapshot of the files, using a tool like VSS.
- Its not possible to take backup of hot buckets (Ans)
Why you should create multiple indexes?
- To control user access.
- To accommodate varying retention policies.
- To speed searches in certain situations.
- All of the above. (Ans)
Which command is used only to delete index web data ?
- splunk clean eventdata -index web (Ans)
- splunk clean eventdata
- splunk remove -index web
- splunk disable -index web
What is the use of Add-on in splunk?
- To create dashboards
- To run only scripts
- To extract fields, parsing etc but do not provide dashboards (Ans)
- To replace App
In which index, events from the file system change monitor, auditing, and all user search history are stored.
- audit
- _audit (Ans)
- index
- _index
- main
Can you create new index starting with _ in splunk web-gui ?
- Yes
- No (Ans)
- You can create but it is not recommended by Splunk
Deployment server push configuration files to deployment client
- True
- False (Ans)
Deployment client uses which configuration files to connect deployment server ?
- serverclass.conf
- deploymentclient.conf (Ans)
- inputs.conf
- outputs.conf
universal forwarder can index the data
- True
- False (Ans)
Which component should not have web gui?
- Search Head
- Deployment Server
- Universal Forwarder (Ans)
- Heavy Forwarder
Search Head can not index the data.
- True
- False (Ans)
Which index includes Splunk Enterprise internal logs and metrics.
- _internal (Ans)
- audit
- main
- _audit
The deployment server does not automatically deploy apps when you edit through forwarder management.
- True
- False (Ans)
The deployment server does not automatically deploy apps in response to direct edits of serverclass.conf
- True (Ans)
- Flase
A dedicated deployment server can handle how many clients ?
- 50
- 100
- 400
- 500 – 1000 clients, even more than this and it depends of the periodicity, and the size of the bundles to deploy. (Ans)
Which is used in script stanza ?
- monitor
- script (Ans)
- fschange
which attribute can be used to run a script in every 5 minutes
- interval = 5
- interval = 300 (Ans)
- interval = 1800
- cron = 300
which can be used in stanza to destroy file after reading the file
- fschange
- monitor
- batch (Ans)
- destroy
To receive data from forwarder in indexer in inputs.conf file, which is used in stanza ?
- tcp
- splunktcp (Ans)
- udp
- forwardertcp
- DevOps Certified Professionals (DCP)
- Site Reliability Engineering Certified Professionals (SRECP)
- Master in DevOps Engineering (MDE)
- DevSecOps Certified Professionals (DSOCP)
URL - https://www.devopsschool.com/certification/
My Linkedin - https://www.linkedin.com/in/rajeshkumarin
- Installing Jupyter: Get up and running on your computer - November 2, 2024
- An Introduction of SymOps by SymOps.com - October 30, 2024
- Introduction to System Operations (SymOps) - October 30, 2024
