Splunk Certified Developer v1.0

Page:    1 / 5   
Exam contains 70 questions
Expand All

Searching ג€index=_internal metrics | head 3ג€ from Splunk Web returned the following events:
04-12-2018 18:39:43.514 +0200 INFO Metrics ג€" group=thruput, name=thruput, instantaneous_kbps=0.9651774014563425, instantaneous_eps=5.645638802094809, average_kbps=1.198995639527069, total_k_processed=2676, kb=29.91796875, ev=175, load_average=3.85888671875
04-12-2018 18:39:43.514 +0200 INFO Metrics ג€" group_thruput, name_syslog_output, instantaneous_kbps=0, instantaneous_eps_0, average_kbps=0, total_k_processed=0, kb=0, ev=0
04-12-2018 18:39:43.513 +0200 INFO Metrics ג€" group_thruput, name_index_thruput, instantaneous_kbps=0.9651773703189551, instantaneous_eps=4.87137960922438, average_kbps=1.1985932324065556, total_k_processed=2675, kb=29.91796875, ev=151
When the same search is required from a REST API call, which fields will be given? (Select all that apply.)

  • A. _raw
  • B. name
  • C. sourcetype
  • D. instantaneous_kbps


Answer : AC

Which of the following are reserved field names in a KV Store? (Select all that apply.)

  • A. _key
  • B. _time
  • C. _user
  • D. _source


Answer : BC

Reference:
https://dev.splunk.com/enterprise/docs/developapps/manageknowledge/kvstore/aboutkvstorecollections/

Which of the following endpoints is used to authenticate with the Splunk REST API?

  • A. /services/auth/login
  • B. /services/session/login
  • C. /services/auth/session/login
  • D. /servicesNS/authentication/login


Answer : A

Reference:
https://docs.splunk.com/Documentation/Splunk/8.1.2/RESTUM/RESTusing

Which of these URLs could be used to construct a REST request to search the employee KV store collection to find records with a rating greater than or equal to
2 and less than 5?

  • A. ג€˜http://localhost:8089/servicesNS/nobody/search/storage/collections/data/employees?query={$and:[{rating:{$gte:2}}, {rating:{$lt:5}}]}&output_mode-jsonג€™
  • B. ג€˜http://localhost:8089/servicesNS/nobody/search/storage/collections/data/employees?query={$and:[{rating:$gte:2}}, {rating:{$lt:5}}]}&output_mode=jsonג€™
  • C. ג€˜http://localhost:8089/servicesNS/nobody/search/storage/collections/data/employees?query={%22rating%22:{%22$gte% 22:2}},{%22$and%22},{%22rating%22:{%22$lt%22:5}}}&output_mode=jsonג€™
  • D. ג€˜http://localhost:8089/servicesNS/nobody/search/storage/collections/data/employees?query={%22$and%22:[{%22rating%22: {%22$gte%22:2}},{%22rating%22:{%22$lt%22:5}}]}&output_mode=jsonג€™


Answer : C

Which of the following log files contains logs that are most relevant to Splunk Web?

  • A. audit.log
  • B. metrics.log
  • C. splunkd.log
  • D. web_service.log


Answer : D

Reference:
https://docs.splunk.com/Documentation/Splunk/8.1.2/Troubleshooting/WhatSplunklogsaboutitself

Place content to set on page load inside which of the following Simple XML tags?

  • A. <set></set>
  • B. <eval></eval>
  • C. <init></init>
  • D. <value></value>


Answer : C

Reference:
https://docs.splunk.com/Documentation/Splunk/8.1.2/Viz/tokens

Which of the following Simple XML elements configure panel link buttons? (Select all that apply.)

  • A. <title>Open In Search</title>
  • B. <option name=ג€link.visibleג€>true</option>
  • C. <option name=ג€trellis.enabledג€>false</option>
  • D. <option name=ג€refresh.link.visibleג€>false</option>


Answer : AB

Reference:
https://docs.splunk.com/Documentation/SplunkCloud/latest/Viz/DrilldownLinkToURL

Which of the following are requirements for arguments sent to the data/indexes endpoint? (Select all that apply.)

  • A. Be url-encoded.
  • B. Specify the datatype.
  • C. Include the bucket path.
  • D. Include the name argument.


Answer : BD

When using the Splunk REST API, which of the following containers is/are included in the Atom Feed response? (Select all that apply.)

  • A. <feed>
  • B. <entry>
  • C. <content>
  • D. <namespace>


Answer : BC

Reference:
https://docs.splunk.com/Documentation/Splunk/8.1.2/RESTUM/RESTusing

Which of the following are valid request arguments for the REST search endpoints? (Select all that apply.)

  • A. latest_time=rt
  • B. latest_time=now
  • C. earliest_time=-5h@h
  • D. earliest_time=rt_10m@m


Answer : BC

Reference:
https://community.splunk.com/t5/Getting-Data-In/How-to-create-Search-via-REST-api-in-verbose-mode/td-p/406400

Consider the following Python code snippet used in a Splunk add-on: if not os.path.exists(full_path): self.doAction(full_path, header) else: f = open(full_path) oldORnew = f.readline
().split(ג€,ג€) f.close()
An attacker could create a denial of service by causing an error in either the open() or readline() commands. What type of vulnerability is this?

  • A. CWE-693: Protection Mechanism Failure
  • B. CWE-562: Return of Stack Variable Address
  • C. CWE-404: Improper Resource Shutdown or Release
  • D. CWE-636: Not Failing Securely (ג€˜Failing Openג€™)


Answer : C

Reference:
https://dev.splunk.com/enterprise/docs/developapps/testvalidate/securitybestpractices/

Which of the following formats are valid for a Splunk REST URI?

  • A. host:port/endpoint
  • B. scheme://host/servicesNS/*/
  • C. $SPLUNK HOME/services/endpoint
  • D. scheme://host:port/services/endpoint


Answer : D

Which HTTP Event Collector (HEC) endpoint should be used to collect data in the following format?
{ג€messageג€:ג€Hello Worldג€, ג€fooג€:ג€barג€, ג€ponyג€:ג€buttercupג€}

  • A. data/inputs/http/{name}
  • B. services/collector/raw
  • C. services/collector
  • D. data/inputs/http


Answer : B

Reference:
https://docs.splunk.com/Documentation/Splunk/8.1.2/Data/HECExamples

The response message from a successful Splunk REST call includes an <entry> element. What is contained in an <entry> element?

  • A. A dictionary of <eai:acl> elements.
  • B. Metadata encapsulating the <content> element.
  • C. A response code indicating success or failure.
  • D. An individual element in an <entries> collection.


Answer : B

Reference:
https://docs.splunk.com/Documentation/Splunk/8.1.2/RESTUM/RESTusing

A user wants to add the token $token_name$ to a dashboard for use in a drilldown. Which token filter encodes URL values?

  • A. $$token_name$$
  • B. $token_name|h$
  • C. $token_name|n$
  • D. $token_name|u$


Answer : D

Reference:
https://docs.splunk.com/Documentation/Splunk/8.1.2/Viz/tokens

Page:    1 / 5   
Exam contains 70 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy