SplunkSplunk
SPLK-1003 · Question #3
SPLK-1003 Question #3: Real Exam Question with Answer & Explanation
The correct answer is B: /var/log/maillog. See the full explanation below for the reasoning.
Splunk Deployment and Licensing
Question
This file has been manually created on a universal forwarder A new Splunk admin comes in and connects the universal forwarders to a deployment server and deploys the same app with a new Which file is now monitored?
Options
- A/var/log/messages
- B/var/log/maillog
- C/var/log/maillog and /var/log/messages
- Dnone of the above
Topics
#Universal Forwarder#Deployment Server#Configuration Precedence#App Deployment
Community Discussion
No community discussion yet for this question.