Microsoft
Amazon
CompTIA
Salesforce
Cisco®
SAP
PMI
ISC
ISACA
VMware
HP
Palo Alto Networks
EC-Council
LPI
Google
Fortinet
All Vendors
  2. Home
  3. Exam List
  4. Splunk®
  5. SPLK-2002

Splunk Enterprise Certified Architect
SPLK-2002 Exam

Which of the following will cause the greatest reduction in disk size requirements for a cluster of N indexers running Splunk Enterprise Security?

  1. Setting the cluster search factor to N-1.
  2. Increasing the number of buckets per index.
  3. Decreasing the data model acceleration range.
  4. Setting the cluster replication factor to N-1.

Answer(s): D


Reference:

https://docs.splunk.com/Documentation/Splunk/7.3.2/Indexer/Systemrequirements



Stakeholders have identified high availability for searchable data as their top priority. Which of the following best addresses this requirement?

  1. Increasing the search factor in the cluster.
  2. Increasing the replication factor in the cluster.
  3. Increasing the number of search heads in the cluster.
  4. Increasing the number of CPUs on the indexers in the cluster.

Answer(s): B


Reference:

https://docs.splunk.com/Documentation/Splunk/7.3.2/DistSearch/SHCarchitecture



Search dashboards in the Monitoring Console indicate that the distributed deployment is approaching its capacity. Which of the following options will provide the most search performance improvement?

  1. Replace the indexer storage to solid state drives (SSD).
  2. Add more search heads and redistribute users based on the search type.
  3. Look for slow searches and reschedule them to run during an off-peak time.
  4. Add more search peers and make sure forwarders distribute data evenly across all indexers.

Answer(s): C



A Splunk architect has inherited the Splunk deployment at Buttercup Games and end users are complaining that the events are inconsistently formatted for a web sourcetype. Further investigation reveals that not all web logs flow through the same infrastructure: some of the data goes through heavy forwarders and some of the forwarders are managed by another department. Which of the following items might be the cause for this issue?

  1. The search head may have different configurations than the indexers.
  2. The data inputs are not properly configured across all the forwarders.
  3. The indexers may have different configurations than the heavy forwarders.
  4. The forwarders managed by the other department are an older version than the rest.

Answer(s): D




Darwin
I passed the Novell 640-822 exam on this last Thursday after using your online test and IPad. This is my first experience with your exams. I'll be using your material from now on. In a few days I'll purchase my last study material for the C
- France
Upvote


Bila
Thanks! I passed 070-284 with 880 070-219 next to complete my MCSE.
- Colorado
Upvote


Passed
I just took my Certification testing for 10-184 Microsoft CRM Installation and Configuration. Your test questions definitely covered the essence of the exam material and I easily passed the exam.
- UNITED STATES
Upvote


Ed
I passed the IBM exam successfully
- UNITED STATES
Upvote


Tina
Last week I took the Citrix exam and I passed with a very high mark, more than what I expected. Thanks!!
- Israel
Upvote


Calvin B.
I just took my Certification testing for 10-184 Microsoft CRM Installation and Configuration. Your test questions definitely covered the essence of the exam material and I easily passed the exam.
- Lafayette
Upvote


950+
I just finished my exam this week. It was a good score of 950+.
- UNITED STATES
Upvote


Abdul
I passed the exam on Monday morning and was amazed at how much this site had covered, fortunately that's it for another three years. The tests really did help so thanks!!
- Doha
Upvote


Rose
I passed that exam the first time. And I thank you folks for that. I could not have passed it with out your help.
- South Africa
Upvote


Shourya
I've just done my exam and passed (890) - your materials are spot on.
- UNITED STATES
Upvote

Read more ...