Explain the Splunk architecture and its various stages.
What are the types of field extraction? How do you mask data in either case?
What is the join command, and what are the various flavours of the join command?
What are the types of Splunk forwarder?
What are the types of search modes supported in Splunk?
How do we sync and deploy configuration files and updates across multiple deployment servers in a large multi-layered cluster?
Which command is used in the “filtering results” category? Explain.
How can you exclude some events from being indexed in Splunk?
How do we find the total number of hosts or source types reporting to a Splunk instance? The report should consider hosts across the cluster.
How do you roll back your Splunk Web configuration bundle to a previous version?
How will you uncompress the file? How do you install Splunk/app using the Splunk Enterprise .tgz file?
What is the difference between Splunk apps and add-ons?
What would you use to edit the contents of a file in Linux? Describe some of the important command modes in the vi editor.
What is the command to stop and start the Splunk service?
Give me the syntax of the case command.