Question 1

Which of the following statements is true about data transformations using SEDCMD?

Options :

A : Can only be used to mask or truncate raw data.

B : Configuredin props.conf and transform.conf.

C : Can be used to manipulate the sourcetype per event.

D : Operates on a REGEX pattern match of the source, sourcetype, or host of an event.

Answer: A

Question 2

Which of the following lists all parameters supported by the acceptFrom argument?

Options :

A : IPv4, IPv6, CIDRs, DNS names, Wildcards

B : IPv4, IPv6, CIDRs, DNS names

C : CIDRs, DNS names, Wildcards

D : IPv4. CIDRs, DNS names. Wildcards

Answer: B

Question 3

How is it possible to test a script from the Splunk perspective before using it within a scripted input?

Options :

A : splunk run

B : splunk script

C : ./$SPLUNK_HOME/etc/apps//bin/

D : splunk cmd

Answer: D

Question 4

Which of the following are valid settings for file and directory monitor inputs?

Options :

A :

B :

C :

D :

Answer: B

Question 5

What is the main advantage of self-service Splunk Cloud over managed Splunk Cloud in terms of cost and control?

Options :

A : Self-service Splunk Cloud costs less to get started and maintain and allows your organization total control in setup and security configurations.

B : Self-service Splunk Cloud costs more to get started and maintain and requires your organization to rely on Splunk for setup and security configurations.

C : Self-service Splunk Cloud costs more to get started and maintain but allows your organization total control in setup and security configurations.

D : Self-service Splunk Cloud costs less to get started and maintain but requires your organization to rely on Splunk for setup and security configurations.

Answer: D

Free SPLK-1005 Mock Exam – Practice Online Confidently

Buying Options: