← Back to exam page

SPLK-2001 Splunk Certified Developer Exam

Loading demo links...

Showing 4–6 of 10 questions

Question 4

There is a global search named “global_search” defined on a form as shown below:

index-_internal source-*splunkd.log | stats count by component, log_level

Which of the following would be a valid post-processing search? (Select all that apply.)

Select all that apply, then click Submit answer.

  • | tstats count

  • sourcetype=mysourcetype

  • stats sum(count) AS count by log level

  • search log_level=error | stats sum(count) AS count by component
Question 5

How can indexer acknowledgement be enabled for HTTP Event Collector (HEC)? (Select all that apply.)

Select all that apply, then click Submit answer.

  • No need to do anything, it is turned on by default.

  • When a REST request is sent to create a token, the property for indexer acknowledgement must be set to 1.

  • When a new HEC token is created in Splunk Web, select the checkbox labeled “Enable indexer acknowledgement”.

  • When the Global Settings for HEC are updated in Splunk Web, select the checkbox labeled “Enable indexer acknowledgement”.
Question 6

Which event handler uses the element to support pan and zoom functionality?

Select an option, then click Submit answer.

  • Visualization event handler

  • Form input event handler

  • Condition event handler

  • Search event handler