nerdexam
Palo_Alto_Networks

XSIAM-ENGINEER · Question #25

XSIAM-ENGINEER Question #25: Real Exam Question with Answer & Explanation

The correct answer is A. Install a Broker VM in the environment, and configure the CSV Collector to collect the files of. The correct approach is to install a Broker VM in the environment and configure its CSV Collector applet to ingest the .csv log files directly from the Ubuntu server. This enables secure ingestion of custom application logs into Cortex XSIAM without modifying the application or r

Question

An application which ingests custom application logs is hosted in an on-premises virtual environment on an Ubuntu server, and it logs locally to a .csv file. Which set of actions will allow the ingestion of the .csv logs into Cortex XSIAM directly from the server?

Options

  • AInstall a Broker VM in the environment, and configure the CSV Collector to collect the files of
  • BInstall a Cortex XDR agent on the Ubuntu server, and configure the agent to collect the files of
  • CInstall a Broker VM in the environment, and migrate the application to the Broker VM.
  • DInstall XDR Collector on the Ubuntu server, and configure the agent to collect the files of interest.

Explanation

The correct approach is to install a Broker VM in the environment and configure its CSV Collector applet to ingest the .csv log files directly from the Ubuntu server. This enables secure ingestion of custom application logs into Cortex XSIAM without modifying the application or requiring an XDR agent on the server.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full XSIAM-ENGINEER Practice