Splunk splk-2001 practice test

Splunk Certified Developer Exam

Last exam update: Dec 15 ,2024
Page 1 out of 4. Viewing questions 1-15 out of 70

Question 1

Which of the following is a customization option for the Open in Search panel link button?

  • A. Display the refresh time.
  • B. Show the Export Results button.
  • C. Show link buttons at the bottom of a panel.
  • D. Define an alternative search or target view to use.
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

When the search/jobs REST endpoint is called to execute a search, what can be done to reduce the
results size in the results? (Select all that apply.)

  • A. Use a generating search.
  • B. Remove unneeded fields.
  • C. Truncate the data, using selective functions.
  • D. Summarize data, using analytic commands.
Answer:

AB

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Which of the following is an intended use of HTTP Event Collector tokens?

  • A. A cookie.
  • B. An HTTP header field.
  • C. A JSON field in the HTTP request.
  • D. A password in conjunction with login.
Answer:

B


Reference:
https://docs.splunk.com/Documentation/Splunk/8.1.2/Data/FormateventsforHTTPEventCollector

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Which of the following ensures that quotation marks surround the value referenced by the token?

  • A. $token_name|s$
  • B. “$token_name$”
  • C. ($token_name$)
  • D. \“$token_name$\”
Answer:

A


Reference: https://docs.splunk.com/Documentation/Splunk/8.1.2/Viz/tokens

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

Which of the following statements describe an HEC token? (Select all that apply.)

  • A. Maps to a Splunk user.
  • B. Can be used to download data.
  • C. Is a GUID (globally unique identifier).
  • D. Can be created in Splunk Web or using REST endpoints.
Answer:

CD

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

Which items below are configured in inputs.conf? (Select all that apply.)

  • A. A modular input written in Python.
  • B. A file input monitoring a JSON file.
  • C. A custom search command written in Python.
  • D. An HTTP Event Collector as receiver of data from an app.
Answer:

AD

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

Which of the following are security best practices for Splunk app development? (Select all that
apply.)

  • A. Store passwords in clear text in .conf files.
  • B. Implement security in software development lifecycle.
  • C. Manually test application with the controls listed in the OWASP Security Testing Guide.
  • D. Use a dynamic scanner such as OWASP ZAP to scan web application components for vulnerabilities.
Answer:

CD


Reference: https://dev.splunk.com/enterprise/docs/developapps/testvalidate/securitybestpractices/

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Given a dashboard with a Simple XML extension in myApp, what is the XML reference for the file
myJS.js located in myOtherApp in the location shown below?
$SPLUNK_HOME/etc/apps/myOtherApp/appserver/static/javascript/

  • A. <dashboard script=“myJs.js”>
  • B. <dashboard script=“myOtherApp/myJS.js”>
  • C. <dashboard script=“myOtherApp:javascript/myJS.js”>
  • D. <dashboard script=“myOtherApp:appserver/static/javascript/myJS.js”>
Answer:

A


Reference: https://dev.splunk.com/enterprise/docs/developapps/visualizedata/usewebframework/
modifydashboards/

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

A fellow Splunk administrator is reviewing an app that has been downloaded from splunkbase and
deployed in an organization. The admin has e-mailed the following configuration snippet with a brief
note that says fix the permissions.
In what configuration file should the snippet be placed?
[]
access = read : [ * ], write : [ admin ] export - system
(Assume that $APP_HOME refers to the path that the app is installed, e.g.
$SPLUNK_HOME/etc/apps/<app name>)

  • A. $APP_HOME/default/app.conf
  • B. $APP_HOME/local/default.meta
  • C. $APP_HOME/metadata/local.meta
  • D. $SPLUNK_HOME/etc/system/local/server.conf
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

Log files related to Splunk REST calls can be found in which indexes? (Select all that apply.)

  • A. _audit
  • B. _internal
  • C. _thefishbucket
  • D. _blocksignature
Answer:

AB


Reference:
https://docs.splunk.com/Documentation/Splunk/8.1.2/Troubleshooting/Whatdatagetslogged

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

To delete the record with a _key value of smith from the sales collection, a DELETE request should be
sent to which REST endpoint?

  • A. /storage/collections/sales/smith
  • B. /storage/kvstore/data/sales/smith
  • C. /storage/collections/data/sales/smith
  • D. /storage/kvstore/collections/sales/smith
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

How can event logs be collected from a remote Windows machine using a standard Splunk
installation and no customization? (Select all that apply.)

  • A. By configuring a WMI input.
  • B. By using HTTP event collector.
  • C. By using a Windows heavy forwarder.
  • D. By using a Windows universal forwarder.
Answer:

AD

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

What predefined drilldown tokens are available specifically for trellis layouts? (Select all that apply.)

  • A. trellis.Xaxis
  • B. trellis.Yaxis
  • C. trellis.name
  • D. trellis.value
Answer:

CD


Reference: https://docs.splunk.com/Documentation/Splunk/8.1.2/Viz/VisualizationTrellis

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

Which event handler uses the <selection> element to support pan and zoom functionality?

  • A. Visualization event handler
  • B. Form input event handler
  • C. Condition event handler
  • D. Search event handler
Answer:

A


Reference: https://docs.splunk.com/Documentation/Splunk/8.1.2/Viz/EventHandlerReference

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

Which of the following is a security best practice?

  • A. Enable XSS.
  • B. Eliminate all escape characters.
  • C. Ensure the app passes App Certification.
  • D. Ensure components have no Common Vulnerabilities and Exposures (CVE) vulnerabilities.
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2