Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

SPLK-2001 Exam Dumps - Splunk Certified Developer

Question # 4

Which of the following describes a Splunk custom visualization?

A.

A visualization with custom colors.

B.

Any visualization available in Splunk.

C.

A visualization in Splunk modified by the user.

D.

A visualization that uses the Splunk Custom Visualization API.

Full Access
Question # 5

Which of the following is a security best practice?

A.

Enable XSS.

B.

Eliminate all escape characters.

C.

Ensure the app passes App Certification.

D.

Ensure components have no Common Vulnerabilities and Exposures (CVE) vulnerabilities.

Full Access
Question # 6

Which of the following options would be the best way to identify processor bottlenecks of a search?

A.

Using the REST API.

B.

Using the search job inspector.

C.

Using the Splunk Monitoring Console.

D.

Searching the Splunk logs using index=“internal”.

Full Access
Question # 7

Which of the following are ways to get a list of search jobs? (Select all that apply.)

A.

Access Activity > Jobs with Splunk Web.

B.

Use Splunk REST to query the /services/search/jobs endpoint.

C.

Use Splunk REST to query the /services/saved/searches endpoint.

D.

Use Splunk REST to query the /services/search/sid/results endpoint.

Full Access
Question # 8

Which of the following are valid request arguments for the REST search endpoints? (Select all that apply.)

A.

latest_time=rt

B.

latest_time=now

C.

earliest_time=-5h@h

D.

earliest_time=rt_10m@m

Full Access
Question # 9

When updating a knowledge object via REST, which of the following are valid values for the sharing Access Control List property?

A.

App

B.

User

C.

Global

D.

Nobody

Full Access
Question # 10

Which of the following log files contains logs that are most relevant to Splunk Web?

A.

audit.log

B.

metrics.log

C.

splunkd.log

D.

web_service.log

Full Access
Question # 11

Using Splunk Web to modify config settings for a shared object, a revised config file with those changes is placed in which directory?

A.

$SPLUNK_HOME/etc/apps/myApp/local

B.

$SPLUNK_HOME/etc/system/default/

C.

$SPLUNK_HOME/etc/system/local

D.

$SPLUNK_HOME/etc/apps/myApp/default

Full Access
Question # 12

A dashboard is taking too long to load. Several searches start with the same SPL. How can the searches be optimized in this dashboard? (Select all that apply.)

A.

Convert searches to include NOT expressions.

B.

Restrict the time range of the search as much as possible.

C.

Replace | stats command with | transaction command wherever possible.

D.

Convert the common SPL into a Global Search and convert the other searches to post-processing searches.

Full Access
Question # 13

What must be done when calling the service NS endpoint?

A.

Authenticate with an admin user.

B.

Specify the user and app context in the URI.

C.

Authenticate with the user of the required context.

D.

Pass the user and app context in the request payload.

Full Access
Question # 14

Which of the following statements defines a namespace?

A.

The namespace is a combination of the user and the app.

B.

The namespace is a combination of the user, the app, and the role.

C.

The namespace is a combination of the user, the app, the role, and the sharing level.

D.

The namespace is a combination of the user, the app, the role, the sharing level, and the permissions.

Full Access
Question # 15

Which of the following ensures that quotation marks surround the value referenced by the token?

A.

$token_name|s$

B.

“$token_name$”

C.

($token_name$)

D.

\“$token_name$\”

Full Access
Question # 16

Which of the following are types of event handlers? (Select all that apply.)

A.

Search

B.

Set token

C.

Form input

D.

Visualization

Full Access
Question # 17

Which of the following are valid parent elements for the event action shown below? (Select all that apply.)

sourcetype=$click.value|s$

A.

B.

C.

D.

Full Access
Question # 18

How can hiding or showing a panel by clicking on a chart or a table on the same form be performed?

A.

By using vent drilldown.

B.

By using workflow action.

C.

By using contextual drilldown.

D.

By using visualization drilldown.

Full Access
Question # 19

What application security best practices should be adhered to while developing an app for Splunk? (Select all that apply.)

A.

Review the OWASP Top Ten List.

B.

Store passwords in clear text in .conf files.

C.

Review the OWASP Secure Coding Practices Quick Reference Guide.

D.

Ensure that third-party libraries that the app depends on have no outstanding CVE vulnerabilities.

Full Access
Question # 20

After updating a dashboard in myApp, a Splunk admin moves myApp to a different Splunk instance. After logging in to the new instance, the dashboard is not seen. What could have happened? (Select all that apply.)

A.

The dashboard’s permissions were set to private.

B.

User role permissions are different on the new instance.

C.

The admin deleted the myApp/local directory before packaging.

D.

Changes were placed in $SPLUNK_HOME/etc./apps/search/default/data/ui/nav

Full Access
Question # 21

How can event logs be collected from a remote Windows machine using a standard Splunk installation and no customization? (Select all that apply.)

A.

By configuring a WMI input.

B.

By using HTTP event collector.

C.

By using a Windows heavy forwarder.

D.

By using a Windows universal forwarder.

Full Access