An administrator needs to collect logs from the Command Line Interface (CLI). Which command should the administrator use?

A. /opt/bin/qradar/support/get_logs.sh

B. /opt/support/get_logs.sh

C. /opt/support/qradar/get_logs.sh

D. /opt/qradar/support/get_logs.sh

A QRadar administrator added High Availability (HA) to the Event Processor and needs to verify the crossover link status between the primary and secondary hosts.

Which commands can be used to verify the crossover status? (Choose two.)

A. /opt/qradar/ha/bin/ha_getstate.sh

B. /opt/qradar/ha/bin/getStatus crossover

C. /opt/qradar/ha/bin/qradar_nettune.pl crossover status

D. /opt/qradar/ha/bin/qradar_nettune.pl linkaggr status

E. /opt/qradar/ha/bin/ha cstate

F. cat /proc/drbd

Which event routing rule is required to add QRadar Data Store (QDS) capability to a deployment?

A. Log Only (exclude Analytics)

B. Delete data When storage space is required

C. Bypass Correlation

D. Delete data immediately after the retention period has expired

Which log should be reviewed to determine the reasons a patch installer did not proceed during a QRadar upgrade?

A. /var/log/qradar.audit

B. /var/log/qradar.log

C. /var/log/setup-*/patches.log

D. /var/log/upgrade.log

What is a reason for restarting hostcontext service in QRadar?

A. A new user was created and it needs to be replicated

B. A new network hierarchy was uploaded

C. A new app was installed

D. The host is not responding to deploy requests

Which event QID test is used to send an email as a rule response when disk usage reaches a threshold?

A. (38750076) Disk Sentry Reached Warn threshold

B. (38750076) Disk Sentry Disk Usage Exceeded Warning threshold levels

C. (38750076) Disk Usage Exceeded Warn threshold

D. (38750076) Disk Sentry Disk Usage Exceeded Warn threshold

Which app should be used for monitoring QRadar performance and health?

A. QRadar Deployment Intelligence

B. QRadar Monitoring Intelligence

C. QRadar Extension Management

D. QRadar Performance Overview

An administrator would like to extend the functionality of QRadar using an external application.

Which file format is supported to successfully upload an application from the QRadar Console?

A. .zip

B. .tgz

C. .sh

D. .exe

An administrator installed a new App Host and would like to move the existing applications from the Console to the App Host.

What steps should be performed?

A. Admin Tab > Extension Management > Click to change where apps are run

B. Admin Tab > System Settings > Move apps

C. Admin Tab > Extension Management > Move apps

D. Admin Tab > System and License Management > Click to change where apps are run

When troubleshooting issues with QRadar applications, which application Docker container log file can be used to get more information about the apps?

A. /var/log/qradar.error

B. /var/log/qradar.log

C. /var/log/app.log

D. /store/log/app.log