InterviewQueries.

Splunk MCQ

Sharad Jaiswal
23rd Mar, 2021

We have listed here the best Splunk MCQ Questions for your basic knowledge of Splunk. This Splunk Test contains 25 multiple Choice Questions. You have to select the right answer to every question.

Splunk MCQ Questions

1) Identify the component of Splunk?

A. Search Head
B.Forwarder
C.Indexer
D.All of the above

2) Which of the following type of Splunk Forwarders?

A. Heavyweight Forwarder
B.Universal Forwarder
C.Both 1 and 2
D.None of these

3) Select the feature doesn't available in Splunk Free?

A. Forwarding in TCP/HTTP (to non-Splunk)
B.Authentication and scheduled searches/alerting
C.Distributed search
D.All of the above

4) Which of the following configuration file of Splunk?

A. Server file
B.Inputs file
C.Transforms file
D.All of the above

5) Which of the following type of Splunk license?

A. Enterprise license
B.Forwarder license
C.Cluster members license
D.All of the above

6) What is the full form of SOS?

A. Splunk on Splunk
B.Splunk on Spring
C.Spring on Splunk
D.None of these

7) Which of the following role can create data model?

A. power user
B.Admin
C.Both 1 and 2
D.None of these

8) What do you by lookup command?

A. Lookup command is used to reference fields from an internal csv file that matches fields in your event data
B.Lookup command is used to reference fields from an external csv file that matches fields in your event data
C.Lookup command is used to reference fields from an external and internal csv file that matches fields in your event data
D.None of these

9) Is Splunk require agent to forward the data ?

A. True
B.False

10) If you installed Splunk in your local host and you added inputs in splunk ,In which index data is stored by default ?

A. index=_internal
B.index=main
C.Both (a) and (b)
D.sourcetype

11) Does splunk require db to store data ?

A. True
B.False

12) Can read unstructured data in splunk?

A. True
B.False

13) If you want to increase the size of the splunk data storage,where do we add it ?

A. Add more Indexers
B.Add more space to Deployement server
C.Add more space to index
D.Both A & C

14) Is it possible to integrate Splunk with Hadoop ?

A. True
B.False

15) Identify the competitors of the Splunk?

A. Loggly
B.logstash
C.Loglogic
D.All of the above

16) Which of the following category of the SPL commands?

A. Grouping Results
B.Filtering Results
C.Sorting Results
D.All of the above

17) Choose the main background process in Splunk ?

A. splunkWeb
B.Splunkd and search head
C.Splunkd and splunkWeb
D.None of these

18) Can existing license be merged with another lincese?

A. True
B.False

19) Dashboard is portable.

A. True
B.False

20) Which of the following default index size?

A. 50 GB
B.500 MB
C.500 GB
D.50 MB

Leave A Comment :

Your Comment

Valid name is required.

Name *

Valid name is required.

Your Email *

Valid email id is required.

Arduino MCQ Questions 02nd Sep, 2023

3D Printing MCQ 23rd Nov, 2021

Bioinformatics MCQ Questions 12th Mar, 2022

Business Intelligence MCQ 15th Apr, 2022

Salesforce MCQ 28th Feb, 2022

SAP ABAP MCQ 05th Mar, 2022

Related MCQ/Quiz

01st
Nov

Fortran MCQ Questions

Fortran MCQ Questions

01st
Nov

R Programming MCQ Questions

R Programming MCQ Questions

01st
Sep

JSON MCQ

01st
Dec

Perl MCQ Questions

Perl MCQ Questions

01st
Nov

Microprocessor MCQ Questions

Microprocessor MCQ Questions

01st
Nov

Xml MCQ Questions

Xml MCQ Questions