Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Splunk Exam SPLK-1005 Topic 12 Question 11 Discussion

Actual exam question for Splunk's SPLK-1005 exam
Question #: 11
Topic #: 12
[All SPLK-1005 Questions]

Given the following set of files, which of the monitor stanzas below will result in Splunk monitoring all of the files ending with .log?

Files:

/var/log/www1/secure.log

/var/log/www1/access.log

/var/log/www2/logs/secure.log

/var/log/www2/access.log

/var/log/www2/access.log.1

Show Suggested Answer Hide Answer
Suggested Answer: B

The ellipsis (...) in [monitor:///var/log/.../*.log] allows Splunk to monitor files ending in .log in all nested directories under /var/log/. [Reference: Splunk Docs on monitor stanza syntax]


by Lenny at Feb 08, 2025, 09:38 AM

Limited Time Offer

25%

Off

Get Premium SPLK-1005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Deeanna
3 months ago
Option C looks like it would capture all the files in the subdirectories, but not just the ones ending in .log. I'd go with A to be safe.
upvoted 0 times
...
Elinore
3 months ago
Haha, what if someone threw in a file called 'secure.log.1' just to mess with us? These Splunk questions can be tricky!
upvoted 0 times
Cheryll
2 months ago
Lottie: Good point, I'll go with option B then
upvoted 0 times
...
Pamella
2 months ago
User 3: Yeah, option B covers all the files in different directories with the same extension
upvoted 0 times
...
Lottie
2 months ago
User 2: I think option B would be the best choice to monitor all files ending with .log
upvoted 0 times
...
Charlesetta
2 months ago
User 1: That would definitely be a sneaky move!
upvoted 0 times
...
...
Daniel
3 months ago
I think Option A is the way to go. The '/*/*.log' pattern will match all the .log files in the immediate subdirectories of /var/log.
upvoted 0 times
...
Charlie
3 months ago
I'm not sure about B. Doesn't the '...' wildcard match any number of directories? Wouldn't that potentially include more files than just the ones ending in .log?
upvoted 0 times
Darci
2 months ago
A) [monitor:///var/log/*/*.log]
upvoted 0 times
...
Elfrieda
2 months ago
I think B would include all files ending in .log within any number of directories.
upvoted 0 times
...
Pearly
2 months ago
C) [monitor:///var/log/*/*]
upvoted 0 times
...
Colby
2 months ago
B) [monitor:///var/log/.../*.log]
upvoted 0 times
...
Ernest
3 months ago
B) [monitor:///var/log/.../*.log]
upvoted 0 times
...
Junita
3 months ago
A) [monitor:///var/log/*/*.log]
upvoted 0 times
...
Dewitt
3 months ago
A) [monitor:///var/log/*/*.log]
upvoted 0 times
...
...
Malinda
3 months ago
But A specifies monitoring all files ending with .log in any subdirectory, while B specifies monitoring all files ending with .log in any depth of subdirectories.
upvoted 0 times
...
Nan
4 months ago
I disagree, I believe the correct answer is B.
upvoted 0 times
...
Malinda
4 months ago
I think the answer is A.
upvoted 0 times
...
Lelia
4 months ago
Option B seems the most straightforward way to capture all the .log files across the different directories.
upvoted 0 times
Tiera
3 months ago
I agree, option B covers all the .log files in different directories.
upvoted 0 times
...
Arlene
3 months ago
I think option B is the correct one.
upvoted 0 times
...
...

Save Cancel