ExamTopics Logo
Mail Us[email protected]
Menu
Splunk Discussions
exam questions

Exam SPLK-1003 All Questions

View all questions & answers for the SPLK-1003 exam
Go to Exam

Exam SPLK-1003 topic 1 question 35 discussion

Actual exam question from Splunk's SPLK-1003
Question #: 35
Topic #: 1
[All SPLK-1003 Questions]

How would you configure your distsearch.conf to allow you to run the search below? sourcetype=access_combined status=200 action=purchase splunk_server_group=HOUSTON

  • A. [distributedSearch:NYC] default = false servers = nyc1:8089, nyc2:8089 [distributedSearch:HOUSTON] default = false servers = houston1:8089, houston2:8089
  • B. [distributedSearch] servers =nyc1, nyc2, houston1, houston2 [distributedSearch:NYC] default = false servers = nyc1, nyc2 [distributedSearch:HOUSTON] default = false servers = houston1, houston2
  • C. [distributedSearch] servers =nyc1:8089, nyc2:8089, houston1:8089, houston2:8089 [distributedSearch:NYC] default = false servers = nyc1:8089, nyc2:8089 [distributedSearch:HOUSTON] default = false servers = houston1:8089, houston2:8089
  • D. [distributedSearch] servers =nyc1:8089; nyc2:80893; houston1:8089; houston2:8089 [distributedSearch:NYC] default = false servers = nyc1:8089; nyc2:8089 [distributedSearch:HOUSTON] default = false servers = houston1:80897706; houston2:80898350
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by boruilei at Nov. 6, 2020, 3:33 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
nottyan
Highly Voted 4 years, 3 months ago
I think C is Ans. https://docs.splunk.com/Documentation/Splunk/8.1.0/DistSearch/Distributedsearchgroups
upvoted 12 times
...
newrose
Highly Voted 4 years, 2 months ago
In my opinion it is C: Example from https://docs.splunk.com/Documentation/Splunk/8.1.0/DistSearch/Distributedsearchgroups: [distributedSearch] # This stanza lists the full set of search peers. servers = 192.168.1.1:8089, 192.168.1.2:8089, 175.143.1.1:8089, 175.143.1.2:8089, 175.143.1.3:8089 [distributedSearch:NYC] # This stanza lists the set of search peers in New York. default = false servers = 192.168.1.1:8089, 192.168.1.2:8089 [distributedSearch:SF] # This stanza lists the set of search peers in San Francisco. default = false servers = 175.143.1.1:8089, 175.143.1.2:8089, 175.143.1.3:8089 And specifications from distsearch.conf: servers = <comma-separated list> * An initial list of servers. * Each member of this list must be a valid URI in the format of scheme://hostname:port
upvoted 10 times
...
NastyNutsu
Most Recent 1 month ago
Selected Answer: C
[distributedSearch] servers = nyc1:8089, nyc2:8089, houston1:8089, houston2:8089 [distributedSearch:NYC] default = false servers = nyc1:8089, nyc2:8089 [distributedSearch:HOUSTON] default = false servers = houston1:8089, houston2:8089 B is wrong because the nyc1, nyc2, houston1, and houston2 doesn't have ports associated with them C is the answer
upvoted 1 times
...
HR1234
7 months, 3 weeks ago
Selected Answer: C
C is Ans
upvoted 1 times
...
tmmt
2 years ago
Selected Answer: C
Is C, others have invalid parameter separator, port and invalid stanza for distsearch
upvoted 2 times
...
toney_mu
2 years ago
I would choose C https://docs.splunk.com/Documentation/Splunk/9.0.0/DistSearch/Distributedsearchgroups
upvoted 1 times
...
Steve2610
2 years, 6 months ago
Selected Answer: B
B I think
upvoted 1 times
...
Marco63
2 years, 10 months ago
Selected Answer: C
see https://docs.splunk.com/Documentation/Splunk/8.0.3/DistSearch/Distributedsearchgroups The servers attribute lists groups of search peers by IP address and management port. The servers list for each search group must be a subset of the list in the general [distributedSearch] stanza.
upvoted 2 times
...
rafiki31
2 years, 10 months ago
A is also correct to me: "the full set of search peers in the [distributedSearch] stanza will be queried when the search does not specify a search group." https://docs.splunk.com/Documentation/Splunk/8.1.0/DistSearch/Distributedsearchgroups Here the search specifies the search group
upvoted 1 times
...
Apis
3 years, 1 month ago
Selected Answer: C
C is correct
upvoted 2 times
...
ArDeKu
3 years, 11 months ago
The answer is C.. Refer link - https://docs.splunk.com/Documentation/Splunk/8.0.3/DistSearch/Distributedsearchgroups
upvoted 3 times
...
boruilei
4 years, 3 months ago
i think d is ans
upvoted 1 times
Ashton_98
4 years, 2 months ago
100% not D. You can't have ports over 65,535.
upvoted 2 times
...
AngusBlack
3 years, 7 months ago
Plus they are supposed to be comma separated, not colons
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago