Splunk SPLK-2001 Exam Questions Instant Access

Question 1

Which HTTP Event Collector (HEC) endpoint should be used to collect data in the following format?

{''message'':''Hello World'', ''foo'':''bar'', ''pony'':''buttercup''}

Adata/inputs/http/{name}

Bservices/collector/raw

Cservices/collector

Ddata/inputs/http

Answer : B

Question 2

After updating a dashboard in myApp, a Splunk admin moves myApp to a different Splunk instance. After logging in to the new instance, the dashboard is not seen. What could have happened? (Select all that apply.)

AThe dashboard's permissions were set to private.

BUser role permissions are different on the new instance.

CThe admin deleted the myApp/local directory before packaging.

DChanges were placed in: $SPLUNK_HOME/etc/apps/search/default/data/ui/nav

Answer : A, B

Question 3

Which of the following describes a Splunk custom visualization?

AA visualization with custom colors.

BAny visualization available in Splunk.

CA visualization in Splunk modified by the user.

DA visualization that uses the Splunk Custom Visualization API.

Answer : D

Question 4

In order to successfully accelerate a report, which criteria must the search meet? (Select all that apply.)

ACannot use event sampling.

BUse a transforming command.

CUse a standard Splunk visualization.

DCommands before the first transforming command must be streamable.

Answer : A, B, D

Question 5

Which of the following options would be the best way to identify processor bottlenecks of a search?

AUsing the REST API.

BUsing the search job inspector.

CUsing the Splunk Monitoring Console.

DSearching the Splunk logs using index='' internal''.

Answer : C

Question 6

Which of the following is an example of a valid syntax for specifying an absolute time range modifier in a search?

Aearliest=01/01/2019:00:00:00

Bearliest=01/01/2019T00:00:00

Cearliest=2019-01-01 00:00:00

Dearliest=2019-01-01T00:00:00

Answer : A

Question 7

Which of the following is true of a namespace?

AThe namespace is a type of token filter.

BThe namespace includes an app attribute which cannot be a wildcard.

CThe namespace filters the knowledge objects returned by the REST API.

DThe namespace does not filter knowledge objects returned by the REST API.

Answer : D

Splunk Certified Developer SPLK-2001 Exam Questions