Free Practice Questions for Splunk Enterprise Certified Admin (SPLK-1003)

QUESTION 11

Which valid bucket types are searchable? (Select all that apply.)

Correct Answer: ABC
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Indexer/HowSplunkstoresindexes

QUESTION 12

How does the Monitoring Console monitor forwarders?

Correct Answer: A

QUESTION 13

Which of the following are methods for adding inputs in Splunk? (Select all that apply.)

Correct Answer: AB
Reference: http://dev.splunk.com/view/dev -guide/SP-CAAAE3A

QUESTION 14

Which of the following is a valid distributed search group?

A. [distributedSearch:Paris] default = false servers = server1, server2
B. [searchGroup:Paris] default = false servers = server1:8089, server2:8089
C. [searchGroup:Paris] default = false servers = server1:9997, server2:9997
D. [distributedSearch:Paris] default = false servers = server1:8089; server2:8089

Correct Answer: D
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/DistSearch/Distributedsearchgroups

QUESTION 15

What are the required stanza attributes when configuring the transforms.conf to manipulate or remove events?

Correct Answer: C
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Admin/Transformsconf

SPLK-1003 Dumps