What are the different types of data inputs in Splunk?
Explain replication factor (RF).
How does data age in Splunk?
Why should we use Splunk alerts? What are the different options while setting up alerts?
Explain file precedence in Splunk.
What is the difference between a Splunk app and an add-on?
How can we extract fields?
Give a few use cases of knowledge objects.
Why can’t I go for something that is open source other than Splunk?
What is a lookup command? Differentiate between inputlookup & outputlookup commands.
Why should we use Splunk alerts?
How do you assign colors in a chart based on field names in the Splunk UI?
What is the difference between the ‘eval’, ‘stats’, ‘chart’ and ‘timechart’ commands?
What is the use of the time zone property in Splunk?
What is a lookup command?