The universal forwarder has which capabilities when sending data? (select all that apply)
In case of a conflict between a whitelist and a blacklist input setting, which one is used?
In which Splunk configuration is the SEDCMD used?
https://docs.splunk.com/Documentation/Splunk/8.0.5/Forwarding/Forwarddatatothird-partysystemsd
'You can specify a SEDCMD configuration in props.conf to address data that contains characters that the third-party server cannot process. '
Which of the following are supported configuration methods to add inputs on a forwarder? (select all that apply)
https://docs.splunk.com/Documentation/Forwarder/8.2.1/Forwarder/HowtoforwarddatatoSplunkEnterprise
'You can collect data on the universal forwarder using several methods. Define inputs on the universal forwarder with the CLI. You can use the CLI to define inputs on the universal forwarder. After you define the inputs, the universal forwarder collects data based on those definitions as long as it has access to the data that you want to monitor. Define inputs on the universal forwarder with configuration files. If the input you want to configure does not have a CLI argument for it, you can configure inputs with configuration files. Create an inputs.conf file in the directory, $SPLUNK_HOME/etc/system/local