SPLK-1003 Free Practice Test

Where can scripts for scripted inputs reside on the host file system? (Select all that apply.)

1. A. $SPLUNK_HOME/bin/scripts
2. B. $SPLUNK_HOME/etc/apps/bin
3. C. $SPLUNK_HOME/etc/system/bin
4. D. $SPLUNK_HOME/etc/apps//bin

Correct Answer: ACD
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Data/Getdatafromscriptedinputs#Where_to_place_the_scripts_for_scripted_inputs

Which forwarder type can parse data prior to forwarding?

1. A. Universal forwarder
2. B. Heaviest forwarder
3. C. Hyper forwarder
4. D. Heavy forwarder

Correct Answer: D
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Forwarding/Typesofforwarders

Which Splunk indexer operating system platform is supported when sending logs from a Windows universal forwarder?

1. A. Any OS platform.
2. B. Linux platform only.
3. C. Windows platform only.
4. D. None of the above.

Correct Answer: C

The priority of layered Splunk configuration files depends on the file’s:

1. A. Owner
2. B. Weight
3. C. Context
4. D. Creation time

Correct Answer: C
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/Wheretofindtheconfigurationfiles

In which scenario would a Splunk Administrator want to enable data integrity check when creating an index?

1. A. To ensure that hot buckets are still open for writers and have not been forced to roll to a cold state.
2. B. To ensure that configuration files have not been tampered with for auditing and/or legal purposes.
3. C. To ensure that user passwords have not been tampered with for auditing and/or legal purposes.
4. D. To ensure that data has not been tampered with for auditing and/or legal purposes.

Correct Answer: D
Reference: https://www.splunk.com/blog/2015/10/28/data-integrity-is-back-baby.html