exam questions

Exam SPLK-3001 All Questions

View all questions & answers for the SPLK-3001 exam

Exam SPLK-3001 topic 1 question 18 discussion

Actual exam question from Splunk's SPLK-3001
Question #: 18
Topic #: 1
[All SPLK-3001 Questions]

At what point in the ES installation process should Splunk_TA_ForIndexers.spl be deployed to the indexers?

  • A. When adding apps to the deployment server.
  • B. Splunk_TA_ForIndexers.spl is installed first.
  • C. After installing ES on the search head(s) and running the distributed configuration management tool.
  • D. Splunk_TA_ForIndexers.spl is only installed on indexer cluster sites using the cluster master and the splunk apply cluster-bundle command.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
BMO
Highly Voted 3 years, 7 months ago
C is correct Admin ES - Slide 161
upvoted 8 times
...
6589077
Most Recent 4 weeks, 1 day ago
Selected Answer: C
Although D is correct for IDX clusters, the answer says "only" which is incorrect because the app is used for single IDX as well and can be pushed by the deployment server. The question never mentions clustered IDX.
upvoted 1 times
...
kiragi
2 months ago
Selected Answer: C
answer is C, ES must be installed on the search head to collect the TA for indexers
upvoted 1 times
...
jaemon22
6 months, 4 weeks ago
Selected Answer: C
After installing Splunk Enterprise Security (ES) on the search head(s) and running the distributed configuration management tool, you should deploy Splunk_TA_ForIndexers.spl to the indexers. This ensures that the necessary configurations and knowledge objects are properly distributed and applied to the indexers.
upvoted 1 times
...
dohatelo
8 months, 2 weeks ago
Correct answer D ! See instructions from Admin ES: • Install ES on the Deployer 1. On the Splunk toolbar, select Apps > Manage Apps and click Install app from file 2. Click Choose File and select the Splunk Enterprise Security file 3. Click Upload to begin the installation 4. Click Continue to app setup page 5. Click Start Configuration Process, and wait for it to complete 6. Use the Deployer to deploy ES to the cluster members. From the Deployer run: splunk apply shcluster-bundle
upvoted 2 times
...
vasudvn
1 year ago
Selected Answer: D
Splunk_TA_ForIndexers.spl is created only for clustered indexer environment https://docs.splunk.com/Documentation/ES/6.1.0/Install/InstallTechnologyAdd-ons#Create_the_Splunk_TA_ForIndexers_and_manage_deployment_manually
upvoted 2 times
...
andy73
3 years ago
C is correct
upvoted 3 times
...
oksey
4 years, 3 months ago
C is the Ans
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago