Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

LPI Exam 701-100 Topic 7 Question 78 Discussion

Actual exam question for LPI's 701-100 exam
Question #: 78
Topic #: 7
[All 701-100 Questions]

Which of the log messages below matches the following Logstash grok filter?

grok {

match => [''message'', ''%{SYSLOGBASE} new node %{IPORHOST:node}'' ]

}

Show Suggested Answer Hide Answer
Suggested Answer: C

Contribute your Thoughts:

Marvel
2 months ago
Option C is the real winner here. It's the only one that makes me wonder if the node is actually the process ID.
upvoted 0 times
...
Casie
2 months ago
That makes sense, I see your point. Option B does seem to fit the grok filter better.
upvoted 0 times
...
Ira
2 months ago
Option E is the way to go, because it's the only one that looks like it was written by a drunk logger.
upvoted 0 times
Lucia
29 days ago
User4: Yeah, the format is definitely different from the rest.
upvoted 0 times
...
Pamella
1 months ago
User3: Option E is the odd one out for sure.
upvoted 0 times
...
Tammi
1 months ago
User2: I agree, it does look like it was written by a drunk logger.
upvoted 0 times
...
Naomi
1 months ago
User1: I think option E is the correct one.
upvoted 0 times
...
...
Eve
2 months ago
I disagree, I believe option B is the correct match as it includes the IP address after 'new node'.
upvoted 0 times
...
Mendy
3 months ago
Option B seems like the clear winner here. It's the only one that doesn't look like a complete mess.
upvoted 0 times
...
Gregoria
3 months ago
Option B is the way to go. It's the only one that has the log message in the correct order and format.
upvoted 0 times
Lonna
2 months ago
Option B it is then, thanks for pointing that out.
upvoted 0 times
...
Ettie
2 months ago
I agree, option B is the only one that fits the grok filter.
upvoted 0 times
...
Herminia
2 months ago
I think option B is the correct match.
upvoted 0 times
...
...
Franklyn
3 months ago
I'm leaning towards Option B as well. The log message has the hostname, timestamp, and node information in the expected format.
upvoted 0 times
...
Casie
3 months ago
I think option A matches the grok filter because it has the correct format.
upvoted 0 times
...
Daniela
3 months ago
Option B looks good to me. It matches the format of the Logstash grok filter.
upvoted 0 times
Suzan
2 months ago
Yes, option B follows the format specified in the Logstash grok filter.
upvoted 0 times
...
Effie
2 months ago
Option B seems to be the best match for the grok filter.
upvoted 0 times
...
Verda
3 months ago
I agree, option B fits the Logstash grok filter.
upvoted 0 times
...
Fidelia
3 months ago
I think option B is the correct match.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77