Unused Events in Event Processing Systems Quiz
20 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which node calculates the unused events and sends the value to the central decision-making engine?

  • Event entry node
  • Worker
  • Supervisor (correct)
  • Collector

What is the total incoming EPS from the three collectors in the example?

  • 175 (correct)
  • 93,600
  • 31,500
  • 71,460

What is the total unused events in the example?

  • 31,500
  • 175
  • 93,600
  • 71,460 (correct)

What is the formula to calculate the total number of allowed events for the next three-minute interval?

<p>licensed EPS + unused reservoir + 10% buffer (D)</p> Signup and view all the answers

What is the licensed EPS in the example?

<p>520 (B)</p> Signup and view all the answers

What is the total number of allowed events for the next three-minute interval in the example?

<p>191,862 (B)</p> Signup and view all the answers

When does the process of building the EPS reservoir start over for the next day?

<p>Every day at midnight (A)</p> Signup and view all the answers

What is the restriction on the number of events that can be carried over to the next day at midnight?

<p>50% (B)</p> Signup and view all the answers

What is the EPS reservoir used for in FortiSIEM?

<p>To store events during event bursts (A)</p> Signup and view all the answers

What is the purpose of the 10% buffer in the formula to calculate the total number of allowed events?

<p>To increase the number of allowed events (B)</p> Signup and view all the answers

FortiSIEM can use events in the EPS reservoir if the system suddenly needs to process more than the license.

<p>The system will automatically allocate more EPS from the reservoir (B)</p> Signup and view all the answers

In the phoenix.log file, you can see the licensed, allowed, used, and unused (reservoir) values every three minutes.

<p>On the Usage page of the FortiSIEM GUI (C)</p> Signup and view all the answers

What does the supervisor node in FortiSIEM do?

<p>It communicates EPS values to every node (D)</p> Signup and view all the answers

What features are supported by the FortiSIEM Windows agent?

<p>All features by default (D)</p> Signup and view all the answers

What is the purpose of the auditd daemon on Linux?

<p>To write audit records to the disk (D)</p> Signup and view all the answers

What happens to the allowed events and unused reservoir values in the phoenix.log file?

<p>They keep increasing (B)</p> Signup and view all the answers

What is the supervisor node's role in FortiSIEM agent management?

<p>To manage FortiSIEM Windows and Linux agents (C)</p> Signup and view all the answers

How are logs collected by the Linux agent delivered to FortiSIEM?

<p>Over HTTPS (B)</p> Signup and view all the answers

What is the purpose of the EPS reservoir in FortiSIEM?

<p>To provide additional EPS when needed (B)</p> Signup and view all the answers

What types of nodes are there in a FortiSIEM deployment?

<p>Supervisor, worker, and collector nodes (B)</p> Signup and view all the answers

More Like This

Disclosure of Unused material
40 questions
Taxable Unused Land Regulations
29 questions
Use Quizgecko on...
Browser
Browser