SPLK-1003 Free Practice Test

Which parent directory contains the configuration files in Splunk?

1. A. $SPLUNK_HOME/etc
2. B. $SPLUNK_HOME/var
3. C. $SPLUNK_HOME/conf
4. D. $SPLUNK_HOME/default

Correct Answer: A
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Admin/Configurationfiledirectories

What hardware attribute would you need to be changed to increase the number of simultaneous searches (ad-hoc and scheduled) on a single search head?

1. A. Disk
2. B. CPUs
3. C. Memory
4. D. Network interface cards

Correct Answer: B
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/DistSearch/SHCarchitecture

Where can scripts for scripted inputs reside on the host file system? (Select all that apply.)

1. A. $SPLUNK_HOME/bin/scripts
2. B. $SPLUNK_HOME/etc/apps/bin
3. C. $SPLUNK_HOME/etc/system/bin
4. D. $SPLUNK_HOME/etc/apps//bin

Correct Answer: ACD
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Data/Getdatafromscriptedinputs#Where_to_place_the_scripts_for_scripted_inputs

Which forwarder type can parse data prior to forwarding?

1. A. Universal forwarder
2. B. Heaviest forwarder
3. C. Hyper forwarder
4. D. Heavy forwarder

Correct Answer: D
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Forwarding/Typesofforwarders

Which Splunk indexer operating system platform is supported when sending logs from a Windows universal forwarder?

1. A. Any OS platform.
2. B. Linux platform only.
3. C. Windows platform only.
4. D. None of the above.

Correct Answer: C