Exam Name: | Splunk Cloud Certified Admin | ||
Exam Code: | SPLK-1005 Dumps | ||
Vendor: | Splunk | Certification: | Splunk Certification |
Questions: | 60 Q&A's | Shared By: | arla |
A Splunk Cloud administrator is looking to allow a new group of Splunk users in the marketing department to access the Splunk environment and view a dashboard with relevant data. These users need to access marketing data (stored in the marketing_data index), but shouldn't be able to access other data, such as events related to security or operations.
Which approach would be the best way to accomplish these requirements?
Which of the following is correct in regard to configuring a Universal Forwarder as an Intermediate Forwarder?
What syntax is required in inputs.conf to ingest data from files or directories?