SPLK-2002 Exam QuestionsBrowse all questions from this exam
Go to Exam

SPLK-2002 Exam - Question 52

Which of the following is a way to exclude search artifacts when creating a diag?

Show Answer
Correct Answer: C

The correct way to exclude search artifacts when creating a diag is to exclude the dispatch directory. This can be done using the command SPLUNK_HOME/bin/splunk diag --disable=dispatch. The ‘--disable=dispatch’ option removes the dispatch component, which includes search artifacts, from the diagnostic data collection process.

Discussion

15 comments
Sign in to comment
M_K_SOption: C
Nov 5, 2020

Should be C

manu78Option: C
Mar 24, 2021

C is correct

sammeOption: C
Nov 20, 2022

C. SPLUNK_HOME/bin/splunk diag --disable=dispatch reference:https://docs.splunk.com/Documentation/Splunk/latest/Troubleshooting/Generateadiag search artifact is a component --disable=<component_name> Remove a component from the work list

[Removed]Option: C
Jan 23, 2021

Exclude the dispatch directory This example excludes content on the component level. Exclude the dispatch directory to avoid gathering search artifacts (which can be very costly on a pooled search head): $SPLUNK_HOME/bin/splunk diag --disable=dispatch https://docs.splunk.com/Documentation/Splunk/8.0.6/Troubleshooting/Generateadiag#Include_or_exclude_content_using_components

sunil299Option: C
Jan 30, 2021

C is correct answer

AnaBeeOption: C
Dec 27, 2021

https://docs.splunk.com/Documentation/Splunk/latest/Troubleshooting/Generateadiag#Exclude_files_from_diag

marvinortega
Dec 4, 2020

https://docs.splunk.com/Documentation/Splunk/8.0.6/Troubleshooting/Generateadiag#Exclude_the_dispatch_directory

manu78Option: C
Mar 16, 2021

C is the correct answer

willsyOption: C
Oct 13, 2022

Exclude the dispatch directory This example excludes content on the component level. Exclude the dispatch directory to avoid gathering search artifacts (which can be very costly on a pooled search head): $SPLUNK_HOME/bin/splunk diag --disable=dispatch Meaning answer is C

deepali_2710Option: C
Apr 27, 2023

Exclude the dispatch directory This example excludes content on the component level. Exclude the dispatch directory to avoid gathering search artifacts (which can be very costly on a pooled search head): $SPLUNK_HOME/bin/splunk diag --disable=dispatch https://docs.splunk.com/Documentation/Splunk/9.0.4/Troubleshooting/Generateadiag#Exclude_the_dispatch_directory

sunil299Option: A
Jan 30, 2021

splunk diag --exclude "*/passwd" --exclude "*/dispatch/*" Files excluded by the --exclude feature are listed in excluded_filelist.txt in the diag bundle to ensure Splunk Support can interpret the diag.

zikomu123Option: A
Jun 3, 2022

A seems correct--> A. SPLUNK_HOME/bin/splunk diag --exclude

gueguet57
Jan 14, 2023

No this is to exclude files and not search artifacts

lzng3rOption: C
Mar 10, 2023

Exclude the dispatch directory to avoid gathering search artifacts

KiranVMOption: C
Mar 21, 2023

C. SPLUNK_HOME/bin/splunk diag --disable=dispatch

qtygbapjpesdayazkoOption: C
Jun 7, 2023

C. SPLUNK_HOME/bin/splunk diag --disable=dispatch