- Email support@dumps4free.com
Which of the following is true regarding Splunk Enterprise performance? (Select all that apply.)
A.
Adding search peers increases the maximum size of search results.
B.
Adding RAM to an existing search heads provides additional search capacity.
C.
Adding search peers increases the search throughput as search load increases.
D.
Adding search heads provides additional CPU cores to run more concurrent searches.
Adding RAM to an existing search heads provides additional search capacity.
Adding search heads provides additional CPU cores to run more concurrent searches.
Splunk configuration parameter settings can differ between multiple .conf files of the same name contained within different apps. Which of the following directories has the highest precedence?
A.
System local directory.
B.
System default directory.
C.
App local directories, in ASCII order.
D.
App default directories, in ASCII order.
System local directory.
Which of the following are true statements about Splunk indexer clustering?
A.
All peer nodes must run exactly the same Splunk version.
B.
The master node must run the same or a later Splunk version than search heads.
C.
The peer nodes must run the same or a later Splunk version than the master node.
D.
The search head must run the same or a later Splunk version than the peer nodes.
The master node must run the same or a later Splunk version than search heads.
Which of the following is a best practice to maximize indexing performance?
A.
Use automatic sourcetyping.
B.
Use the Splunk default settings.
C.
Not use pre-trained source types.
D.
Minimize configuration generality
Minimize configuration generality
A Splunk architect has inherited the Splunk deployment at Buttercup Games and end users are complaining that the events are inconsistently formatted for a web sourcetype. Further investigation reveals that not all web logs flow through the same infrastructure: some of the data goes through heavy forwarders and some of the forwarders are managed by another department.
Which of the following items might be the cause for this issue?
A.
The search head may have different configurations than the indexers.
B.
The data inputs are not properly configured across all the forwarders.
C.
The indexers may have different configurations than the heavy forwarders.
D.
The forwarders managed by the other department are an older version than the rest
The indexers may have different configurations than the heavy forwarders.
| Page 3 out of 18 Pages |
| Previous |