Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
 

Splunk SPLK-2002 Exam Actual Questions

The questions for SPLK-2002 were last updated on July 18, 2024.
  • Viewing page 1 out of 23 pages.
  • Viewing questions 1-4 out of 90 questions

Topic 1 - Single Topic

Question #1 Topic 1

Which of the following will cause the greatest reduction in disk size requirements for a cluster of N indexers running Splunk Enterprise Security?

  • A. Setting the cluster search factor to N-1.
  • B. Increasing the number of buckets per index.
  • C. Decreasing the data model acceleration range.
  • D. Setting the cluster replication factor to N-1.
Reveal Solution Hide Solution   Discussion   14

Correct Answer: D 🗳️
Reference:
https://docs.splunk.com/Documentation/Splunk/7.3.2/Indexer/Systemrequirements

Question #2 Topic 1

Stakeholders have identified high availability for searchable data as their top priority. Which of the following best addresses this requirement?

  • A. Increasing the search factor in the cluster.
  • B. Increasing the replication factor in the cluster.
  • C. Increasing the number of search heads in the cluster.
  • D. Increasing the number of CPUs on the indexers in the cluster.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: B 🗳️
Reference:
https://docs.splunk.com/Documentation/Splunk/7.3.2/DistSearch/SHCarchitecture

Question #3 Topic 1

Search dashboards in the Monitoring Console indicate that the distributed deployment is approaching its capacity. Which of the following options will provide the most search performance improvement?

  • A. Replace the indexer storage to solid state drives (SSD).
  • B. Add more search heads and redistribute users based on the search type.
  • C. Look for slow searches and reschedule them to run during an off-peak time.
  • D. Add more search peers and make sure forwarders distribute data evenly across all indexers.
Reveal Solution Hide Solution   Discussion   8

Correct Answer: C 🗳️

Question #4 Topic 1

A Splunk architect has inherited the Splunk deployment at Buttercup Games and end users are complaining that the events are inconsistently formatted for a web sourcetype. Further investigation reveals that not all web logs flow through the same infrastructure: some of the data goes through heavy forwarders and some of the forwarders are managed by another department.
Which of the following items might be the cause for this issue?

  • A. The search head may have different configurations than the indexers.
  • B. The data inputs are not properly configured across all the forwarders.
  • C. The indexers may have different configurations than the heavy forwarders.
  • D. The forwarders managed by the other department are an older version than the rest.
Reveal Solution Hide Solution   Discussion   10

Correct Answer: C 🗳️

Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
ex Want to SAVE BIG on Certification Exam Prep?
close
ex Unlock All Exams with ExamTopics Pro 75% Off
  • arrow Choose From 1000+ Exams
  • arrow Access to 10 Exams per Month
  • arrow PDF Format Available
  • arrow Inline Discussions
  • arrow No Captcha/Robot Checks
Limited Time Offer
Ends in