Which forwarder is recommended by Splunk to use in a production environment?

• A.Heavy forwarder
• B.SSL forwarder
• C.Lightweight forwarder
• D.Universal forwarder

Comment: *

Name: *

Email: *

Verification: *

A security team needs to ingest a static file for a specific incident. The log file has not been collected previously and future updates to the file must not be indexed.
Which command would meet these needs?

• A.splunk add one shot / opt/ incident [data .log -index incident
• B.splunk edit monitor /opt/incident/data.* -index incident
• C.splunk add monitor /opt/incident/data.log -index incident
• D.splunk edit oneshot [opt/ incident/data.* -index incident

Comment: *

Name: *

Email: *

Verification: *

An organization wants to collect Windows performance data from a set of clients, however, installing Splunk software on these clients is not allowed. What option is available to collect this data in Splunk Enterprise?

• A.Use Local Windows host monitoring.
• B.Use Windows Remote Inputs with WMI.
• C.Use Local Windows network monitoring.
• D.Use an index with an Index Data Type of Metrics.

Comment: *

Name: *

Email: *

Verification: *

Which of the following are supported configuration methods to add inputs on a forwarder? (select all that apply)

• A.Edit inputs . conf
• B.Forwarder Management
• C.Edit forwarder.conf
• D.CLI

Comment: *

Name: *

Email: *

Verification: *

After automatic load balancing is enabled on a forwarder, the time interval for switching indexers can be updated by using which of the following attributes?

• A.secsInFailurelnterval
• B.connectionTimeout
• C.channelTTL
• D.autoLBFrequency

Comment: *

Name: *

Email: *

Verification: *