Exam SPLK-3003 All QuestionsBrowse all questions from this exam
Question 56

A customer is using regex to whitelist access logs and secure logs from a web server, but only the access logs are being ingested. Which troubleshooting resource would provide insight into why the secure logs are not being ingested?

    Correct Answer: D

    To troubleshoot why secure logs are not being ingested, the tailingprocessor is the appropriate resource. It shows the status of files being monitored and processed by the system, helping to identify issues with file ingestion.

Discussion
frappeOption: D

TailingProcessor shows monitored (tailed) files

jbabbinOption: D

Should be "D"

prajg85Option: D

Ans is D

cornripperOption: D

D, TailingProcessor. You should have covered this in Core Implementation and used it in the labs.

RedtonyeahOption: D

D is the correct

jbabbin

More examples https://docs.splunk.com/Documentation/Splunk/8.1.1/Data/Troubleshoottheinputprocess

jbabbinOption: D

TailingProcessor is used to show fileing being processed https://community.splunk.com/t5/Getting-Data-In/How-to-find-status-of-files-being-monitored/m-p/136792