Splunk Enterprise Certified Admin SPLK-1003 Question # 69 Topic 7 Discussion

SPLK-1003 Exam Topic 7 Question 69 Discussion:

Question #: 69

Topic #: 7

Social Security Numbers (PII) data is found in log events, which is against company policy. SSN format is as
follows: 123-44-5678.
Which configuration file and stanza pair will mask possible SSNs in the log events?

props.conf[mask-SSN]REX = (?ms)^(.)\<[SSN>\d{3}-?\d{2}-?(\d{4}.*)$"FORMAT = $1###-##-$2KEY = _raw

props.conf[mask-SSN]REGEX = (?ms)^(.)\<[SSN>\d{3}-?\d{2}-?(\d{4}.*)$"FORMAT = $1###-##-$2DEST_KEY = _raw

transforms.conf[mask-SSN]REX = (?ms)^(.)\<[SSN>\d{3}-?\d{2}-?(\d{4}.*)$"FORMAT = $1###-##-$2DEST_KEY = _raw

transforms.conf[mask-SSN]REGEX = (?ms)^(.)\<[SSN>\d{3}-?\d{2}-?(\d{4}.*)$"FORMAT = $1###-##-$2DEST_KEY = _raw

Get Premium SPLK-1003 Questions

Actual exam question for Splunk SPLK-1003 exam by Onyx17910 at May 1, 2026, 3:57:31 PM

Contribute your Thoughts:

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Exam SPLK-1003 All Questions

Splunk Enterprise Certified Admin SPLK-1003 Question # 69 Topic 7 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Exam SPLK-1003 All Questions

Splunk Enterprise Certified Admin SPLK-1003 Question # 69 Topic 7 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval