New 2021 SPLK-2001 exam questions Welcome to download the newest PassTorrent SPLK-2001 PDF dumps (70 Q&As)
P.S. Free 2021 Splunk Certified Developer SPLK-2001 dumps are available on Google Drive shared by PassTorrent
NEW QUESTION 40
What predefined drilldown tokens are available specifically for trellis layouts? (Select all that apply.)
- A. trellis.Xaxis
- B. trellis.Yaxis
- C. trellis.value
- D. trellis.name
Answer: C,D
NEW QUESTION 41
Which of the following options would be the best way to identify processor bottlenecks of a search?
- A. Using the Splunk Monitoring Console.
- B. Using the REST API.
- C. Using the search job inspector.
- D. Searching the Splunk logs using index=" internal".
Answer: A
NEW QUESTION 42
After updating a dashboard in myApp, a Splunk admin moves myApp to a different Splunk instance. After logging in to the new instance, the dashboard is not seen. What could have happened? (Select all that apply.)
- A. The admin deleted the myApp/local directory before packaging.
- B. User role permissions are different on the new instance.
- C. Changes were placed in: $SPLUNK_HOME/etc/apps/search/default/data/ui/nav
- D. The dashboard's permissions were set to private.
Answer: B,D
NEW QUESTION 43
Searching "index=_internal metrics | head 3" from Splunk Web returned the following events:
04-12-2018 18:39:43.514 +0200 INFO Metrics - group=thruput, name=thruput, instantaneous_kbps=0.9651774014563425, instantaneous_eps=5.645638802094809, average_kbps=1.198995639527069, total_k_processed=2676, kb=29.91796875, ev=175, load_average=3.85888671875
04-12-2018 18:39:43.514 +0200 INFO Metrics - group_thruput, name_syslog_output, instantaneous_kbps=0, instantaneous_eps_0, average_kbps=0, total_k_processed=0, kb=0, ev=0
04-12-2018 18:39:43.513 +0200 INFO Metrics - group_thruput, name_index_thruput, instantaneous_kbps=0.9651773703189551, instantaneous_eps=4.87137960922438, average_kbps=1.1985932324065556, total_k_processed=2675, kb=29.91796875, ev=151 When the same search is required from a REST API call, which fields will be given? (Select all that apply.)
- A. name
- B. sourcetype
- C. _raw
- D. instantaneous_kbps
Answer: B,C
NEW QUESTION 44
Which of the following is true of a namespace?
- A. The namespace does not filter knowledge objects returned by the REST API.
- B. The namespace filters the knowledge objects returned by the REST API.
- C. The namespace includes an app attribute which cannot be a wildcard.
- D. The namespace is a type of token filter.
Answer: A
NEW QUESTION 45
Which of the following are valid request arguments for the REST search endpoints? (Select all that apply.)
- A. earliest_time=-5h@h
- B. latest_time=now
- C. earliest_time=rt_10m@m
- D. latest_time=rt
Answer: A,B
NEW QUESTION 46
Which of the following is a way to monitor app performance? (Select all that apply.)
- A. Using the Monitoring Console.
- B. Using the storage/collections/config REST endpoint.
- C. Using Splunk logs.
- D. Using the search job inspector.
Answer: A,C
NEW QUESTION 47
Which of the following are ways to get a list of search jobs? (Select all that apply.)
- A. Use Splunk REST to query the /services/search/jobs endpoint.
- B. Access Activity > Jobs with Splunk Web.
- C. Use Splunk REST to query the /services/saved/searches endpoint.
- D. Use Splunk REST to query the /services/search/sid/results endpoint.
Answer: A,B
NEW QUESTION 48
When output_mode is not used, which element of a feed is a human readable name for a returned entry?
- A. Link
- B. Author
- C. Id
- D. Title
Answer: D
NEW QUESTION 49
Which statements are true regarding HEC (HTTP Event Collector) tokens? (Select all that apply.)
- A. The edit token http admin role capability is required to create a token.
- B. Tokens can be edited using the data/inputs/http/{tokenName} endpoint.
- C. Multiple tokens can be created for use with different sourcetypes and indexes.
- D. To create a token, send a POST request to services/collector endpoint.
Answer: C,D
NEW QUESTION 50
Which type of command is tstats?
- A. Generating
- B. Centralized streaming
- C. Distributable streaming
- D. Transforming
Answer: A
NEW QUESTION 51
Which of the following ensures that quotation marks surround the value referenced by the token?
- A. ($token_name$)
- B. "$token_name$"
- C. $token_name|s$
- D. \"$token_name$\"
Answer: C
NEW QUESTION 52
Data can be added to a KV store collection in which of the following format(s)?
- A. JSON, XML, CSV
- B. JSON, XML
- C. JSON
- D. JSON, XML, CSV, TXT
Answer: C
NEW QUESTION 53
Which of the following are security best practices for Splunk app development? (Select all that apply.)
- A. Store passwords in clear text in .conf files.
- B. Manually test application with the controls listed in the OWASP Security Testing Guide.
- C. Implement security in software development lifecycle.
- D. Use a dynamic scanner such as OWASP ZAP to scan web application components for vulnerabilities.
Answer: B,D
NEW QUESTION 54
For a KV store, a lookup stanza in the transforms.conf file must contain which of the following? (Select all that apply.)
- A. fields_list
- B. external_type
- C. internal_type
- D. collection
Answer: A,D
NEW QUESTION 55
......
SPLK-2001 exam questions from PassTorrent dumps: https://www.passtorrent.com/SPLK-2001-latest-torrent.html (70 Q&As)
Free 2021 Splunk Certified Developer SPLK-2001 dumps are available on Google Drive shared by PassTorrent: https://drive.google.com/open?id=1-wYM3Hmqpjb6BfjExz7i5UNVbqm44CV_