Which of the following types of data count against the license daily quota?
When configuring monitor inputs with whitelists or blacklists, what is the supported method of filtering the lists?
Which of the following is a valid distributed search group?
Consider the following stanza in inputs.conf:
What will the value of the source filed be for events generated by this scripts input?
Running this search in a distributed environment:
On what Splunk component does the eval command get executed?