![]() But, there is no one single tool other than Splunk that can do all of these operations and that is where Splunk comes out of the box and makes a difference. You can answer that question by saying that Splunk has a lot of competition in the market for analyzing machine logs, doing business intelligence, for performing IT operations and providing security. This kind of question is asked to understand the scope of your knowledge. Why use only Splunk? Why can’t I go for something that is open source? You can find more details about the working of Splunk here: Splunk Architecture: Tutorial On Forwarder, Indexer And Search Head. The Search Head is then used for searching, analyzing, visualizing and performing various other functions on the data stored in the Indexer. The Indexer will store the data locally in a host machine or on cloud. The Forwarder acts like a dumb agent which will collect the data from the source and forward it to the Indexer. This is a sure-shot question because your interviewer will judge this answer of yours to understand how well you know the concept. Making use of deployment servers is an advantage because connotations, path naming conventions and machine naming conventions which are independent of every host/machine can be easily controlled using the deployment server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |