New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Splunk SPLK-1005 Exam - Topic 12 Question 11 Discussion

Actual exam question for Splunk's SPLK-1005 exam
Question #: 11
Topic #: 12
[All SPLK-1005 Questions]

Given the following set of files, which of the monitor stanzas below will result in Splunk monitoring all of the files ending with .log?

Files:

/var/log/www1/secure.log

/var/log/www1/access.log

/var/log/www2/logs/secure.log

/var/log/www2/access.log

/var/log/www2/access.log.1

Show Suggested Answer Hide Answer
Suggested Answer: B

The ellipsis (...) in [monitor:///var/log/.../*.log] allows Splunk to monitor files ending in .log in all nested directories under /var/log/. [Reference: Splunk Docs on monitor stanza syntax]


by Lenny at Feb 08, 2025, 09:38 AM

Limited Time Offer

25%

Off

Get Premium SPLK-1005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Caren
3 months ago
I agree, A is the best option here!
upvoted 0 times
...
Willow
3 months ago
Wait, does D really cover all .log files? Seems off.
upvoted 0 times
...
Bernardo
3 months ago
Definitely A, it matches the pattern perfectly!
upvoted 0 times
...
Val
4 months ago
I think B is the right choice, it looks more inclusive.
upvoted 0 times
...
Felix
4 months ago
Option A will catch all .log files.
upvoted 0 times
...
Denae
4 months ago
I’m confused about option C; it seems like it would include all files in the specified path, but I don't think it filters for .log specifically.
upvoted 0 times
...
Grover
4 months ago
I practiced a similar question, and I feel like option D might be too broad since it includes all file types, not just .log files.
upvoted 0 times
...
William
4 months ago
I'm not entirely sure, but I remember something about the ellipsis in option B. Does that mean it can match subdirectories too?
upvoted 0 times
...
Audra
5 months ago
I think option A is the one that will work because it specifically targets files ending with .log in the right directory structure.
upvoted 0 times
...
Galen
5 months ago
I'm leaning towards option D. The "..." syntax seems to indicate it will match all subdirectories, which should cover the file paths we have.
upvoted 0 times
...
Sean
5 months ago
Option C might work, but it looks like it will match all files in the /var/log/*/*/ directories, not just the .log files.
upvoted 0 times
...
Shaun
5 months ago
Hmm, I'm a bit confused by the "..." syntax in option B. I'm not sure if that will match the file paths correctly.
upvoted 0 times
...
Reuben
5 months ago
I think option A looks good, it seems to match the file paths and extensions we're looking for.
upvoted 0 times
...
Deeanna
11 months ago
Option C looks like it would capture all the files in the subdirectories, but not just the ones ending in .log. I'd go with A to be safe.
upvoted 0 times
...
Elinore
12 months ago
Haha, what if someone threw in a file called 'secure.log.1' just to mess with us? These Splunk questions can be tricky!
upvoted 0 times
Cheryll
11 months ago
Lottie: Good point, I'll go with option B then
upvoted 0 times
...
Pamella
11 months ago
User 3: Yeah, option B covers all the files in different directories with the same extension
upvoted 0 times
...
Lottie
11 months ago
User 2: I think option B would be the best choice to monitor all files ending with .log
upvoted 0 times
...
Charlesetta
11 months ago
User 1: That would definitely be a sneaky move!
upvoted 0 times
...
...
Daniel
1 year ago
I think Option A is the way to go. The '/*/*.log' pattern will match all the .log files in the immediate subdirectories of /var/log.
upvoted 0 times
...
Charlie
1 year ago
I'm not sure about B. Doesn't the '...' wildcard match any number of directories? Wouldn't that potentially include more files than just the ones ending in .log?
upvoted 0 times
Darci
11 months ago
A) [monitor:///var/log/*/*.log]
upvoted 0 times
...
Elfrieda
11 months ago
I think B would include all files ending in .log within any number of directories.
upvoted 0 times
...
Pearly
11 months ago
C) [monitor:///var/log/*/*]
upvoted 0 times
...
Colby
11 months ago
B) [monitor:///var/log/.../*.log]
upvoted 0 times
...
Ernest
11 months ago
B) [monitor:///var/log/.../*.log]
upvoted 0 times
...
Junita
11 months ago
A) [monitor:///var/log/*/*.log]
upvoted 0 times
...
Dewitt
11 months ago
A) [monitor:///var/log/*/*.log]
upvoted 0 times
...
...
Malinda
1 year ago
But A specifies monitoring all files ending with .log in any subdirectory, while B specifies monitoring all files ending with .log in any depth of subdirectories.
upvoted 0 times
...
Nan
1 year ago
I disagree, I believe the correct answer is B.
upvoted 0 times
...
Malinda
1 year ago
I think the answer is A.
upvoted 0 times
...
Lelia
1 year ago
Option B seems the most straightforward way to capture all the .log files across the different directories.
upvoted 0 times
Tiera
1 year ago
I agree, option B covers all the .log files in different directories.
upvoted 0 times
...
Arlene
1 year ago
I think option B is the correct one.
upvoted 0 times
...
...

Save Cancel