Examice

Exam SPLK-3003 All QuestionsBrowse all questions from this exam

Question 53

A customer has a network device that transmits logs directly with UDP or TCP over SSL. Using PS best practices, which ingestion method should be used?

Open a TCP port with SSL on a heavy forwarder to parse and transmit the data to the indexing tier.

Open a UDP port on a universal forwarder to parse and transmit the data to the indexing tier.

Use a syslog server to aggregate the data to files and use a heavy forwarder to read and transmit the data to the indexing tier.

Use a syslog server to aggregate the data to files and use a universal forwarder to read and transmit the data to the indexing tier.

Correct Answer: A

The customer needs a method to transmit logs securely using UDP or TCP over SSL. To follow best practices, a heavy forwarder would be most effective as it has the capability to handle SSL encryption and parse data efficiently. Opening a TCP port with SSL on a heavy forwarder ensures that the logs are securely transmitted and properly parsed before being sent to the indexing tier. Using a heavy forwarder in this context is more secure and efficient compared to other methods that may not handle SSL or parsing as effectively.

Discussion

RedtonyeahOption: D

D is the correct

Steve2610

Page 51

Steve2610

D is the answer

hpbdcbOption: D

best practice is D