To create a "Log Event" alert action in Splunk, a user without the admin role requires the edit_tcp capability. This is necessary to ensure that the log event action functions properly, as highlighted in the Splunk Community discussion and documentation
To create a Log Event alert action in Splunk, a power user needs the edit_alerts capability. This capability allows users to create, edit, and manage alert actions, including Log Event alerts
It is C. If not admin, a power user should have edit_tcp to create a log event alert.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
cagdaskarabag
1 month agoykamalharsha
1 month, 1 week agoEddie_exam
8 months, 1 week agoDerag
8 months, 1 week ago