Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Splunk Discussions

Exam SPLK-1003 topic 1 question 35 discussion

Actual exam question from Splunk's SPLK-1003
Question #: 35
Topic #: 1
[All SPLK-1003 Questions]

How would you configure your distsearch.conf to allow you to run the search below? sourcetype=access_combined status=200 action=purchase splunk_server_group=HOUSTON

  • A. [distributedSearch:NYC] default = false servers = nyc1:8089, nyc2:8089 [distributedSearch:HOUSTON] default = false servers = houston1:8089, houston2:8089
  • B. [distributedSearch] servers =nyc1, nyc2, houston1, houston2 [distributedSearch:NYC] default = false servers = nyc1, nyc2 [distributedSearch:HOUSTON] default = false servers = houston1, houston2
  • C. [distributedSearch] servers =nyc1:8089, nyc2:8089, houston1:8089, houston2:8089 [distributedSearch:NYC] default = false servers = nyc1:8089, nyc2:8089 [distributedSearch:HOUSTON] default = false servers = houston1:8089, houston2:8089
  • D. [distributedSearch] servers =nyc1:8089; nyc2:80893; houston1:8089; houston2:8089 [distributedSearch:NYC] default = false servers = nyc1:8089; nyc2:8089 [distributedSearch:HOUSTON] default = false servers = houston1:80897706; houston2:80898350
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by boruilei at Nov. 6, 2020, 3:33 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
nottyan
Highly Voted 3 years, 7 months ago
I think C is Ans. https://docs.splunk.com/Documentation/Splunk/8.1.0/DistSearch/Distributedsearchgroups
upvoted 12 times
...
newrose
Highly Voted 3 years, 7 months ago
In my opinion it is C: Example from https://docs.splunk.com/Documentation/Splunk/8.1.0/DistSearch/Distributedsearchgroups: [distributedSearch] # This stanza lists the full set of search peers. servers = 192.168.1.1:8089, 192.168.1.2:8089, 175.143.1.1:8089, 175.143.1.2:8089, 175.143.1.3:8089 [distributedSearch:NYC] # This stanza lists the set of search peers in New York. default = false servers = 192.168.1.1:8089, 192.168.1.2:8089 [distributedSearch:SF] # This stanza lists the set of search peers in San Francisco. default = false servers = 175.143.1.1:8089, 175.143.1.2:8089, 175.143.1.3:8089 And specifications from distsearch.conf: servers = <comma-separated list> * An initial list of servers. * Each member of this list must be a valid URI in the format of scheme://hostname:port
upvoted 9 times
...
HR1234
Most Recent 6 days, 1 hour ago
Selected Answer: C
C is Ans
upvoted 1 times
...
tmmt
1 year, 4 months ago
Selected Answer: C
Is C, others have invalid parameter separator, port and invalid stanza for distsearch
upvoted 2 times
...
toney_mu
1 year, 4 months ago
I would choose C https://docs.splunk.com/Documentation/Splunk/9.0.0/DistSearch/Distributedsearchgroups
upvoted 1 times
...
Steve2610
1 year, 11 months ago
Selected Answer: B
B I think
upvoted 1 times
...
Marco63
2 years, 2 months ago
Selected Answer: C
see https://docs.splunk.com/Documentation/Splunk/8.0.3/DistSearch/Distributedsearchgroups The servers attribute lists groups of search peers by IP address and management port. The servers list for each search group must be a subset of the list in the general [distributedSearch] stanza.
upvoted 2 times
...
rafiki31
2 years, 2 months ago
A is also correct to me: "the full set of search peers in the [distributedSearch] stanza will be queried when the search does not specify a search group." https://docs.splunk.com/Documentation/Splunk/8.1.0/DistSearch/Distributedsearchgroups Here the search specifies the search group
upvoted 1 times
...
Apis
2 years, 6 months ago
Selected Answer: C
C is correct
upvoted 2 times
...
ArDeKu
3 years, 3 months ago
The answer is C.. Refer link - https://docs.splunk.com/Documentation/Splunk/8.0.3/DistSearch/Distributedsearchgroups
upvoted 3 times
...
boruilei
3 years, 8 months ago
i think d is ans
upvoted 1 times
Ashton_98
3 years, 7 months ago
100% not D. You can't have ports over 65,535.
upvoted 2 times
...
AngusBlack
3 years ago
Plus they are supposed to be comma separated, not colons
upvoted 1 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
ex Want to SAVE BIG on Certification Exam Prep?
close
ex Unlock All Exams with ExamTopics Pro 75% Off
  • arrow Choose From 1000+ Exams
  • arrow Access to 10 Exams per Month
  • arrow PDF Format Available
  • arrow Inline Discussions
  • arrow No Captcha/Robot Checks
Limited Time Offer
Ends in

Claim Offer Now
286 people claimed it in the last 6 hours