Splunk SPLK-2001 Exam Practice Test Instant Access

Question 1

Which of the following options would be the best way to identify processor bottlenecks of a search?

AUsing the REST API.

BUsing the search job inspector.

CUsing the Splunk Monitoring Console.

DSearching the Splunk logs using index='' internal''.

Answer : C

Question 2

Which of the following are requirements for arguments sent to the data/indexes endpoint? (Select all that apply.)

ABe url-encoded.

BSpecify the datatype.

CInclude the bucket path.

DInclude the name argument.

Answer : B, D

Question 3

When added to an app's default.meta file, which of the following makes one of its views available to other apps?

Aexport = app

Bexport = none

Cexport = view

Dexport = system

Answer : D

Question 4

Which HTTP Event Collector (HEC) endpoint should be used to collect data in the following format?

{''message'':''Hello World'', ''foo'':''bar'', ''pony'':''buttercup''}

Adata/inputs/http/{name}

Bservices/collector/raw

Cservices/collector

Ddata/inputs/http

Answer : B

Question 5

Assuming permissions are set appropriately, which REST endpoint path can be used by someone with a power user role to access information about mySearch, a saved search owned by someone with a user role?

A/servicesNS/-/data/saved/searches/mySearch

B/servicesNS/object/saved/searches/mySearch

C/servicesNS/search/saved/searches/mySearch

D/servicesNS/-/search/saved/searches/mySearch

Answer : D

Question 6

There is a global search named ''global_search'' defined on a form as shown below:

index-_internal source-*splunkd.log | stats count by component, log_level

Which of the following would be a valid post-processing search? (Select all that apply.)

A| tstats count

Bsourcetype=mysourcetype

Cstats sum(count) AS count by log level

Dsearch log_level=error | stats sum(count) AS count by component

Answer : C, D

Question 7

Which of the following statements define a namespace?

AThe namespace is a combination of the user and the app.

BThe namespace is a combination of the user, the app, and the role.

CThe namespace is a combination of the user, the app, the role, and the sharing level.

DThe namespace is a combination of the user, the app, the role, the sharing level, and the permissions.

Answer : A

Splunk SPLK-2001 Splunk Certified Developer Exam Practice Test