The response message from a successful Splunk REST call includes an element. What is contained in an element?

1. A. A dictionary of <eai:acl> elements.
2. B. Metadata encapsulating the <content> element.
3. C. A response code indicating success or failure.
4. D. An individual element in an <entries> collection.

Correct Answer: B

Which statements are true regarding HEC (HTTP Event Collector) tokens? (Select all that apply.)

1. A. Multiple tokens can be created for use with different sourcetypes and indexes.
2. B. The edit token http admin role capability is required to create a token.
3. C. To create a token, send a POST request to services/collector endpoint.
4. D. Tokens can be edited using the data/inputs/http/{tokenName} endpoint.

Correct Answer: AC

Given the following two files defining app navigation, which navigation options will be displayed to the end user? (Select all that apply.)
$SPLUNK_HOME/etc/apps/app_name/default/data/ui/nav/default.xml

1. A. Search
2. B. Reports
3. C. Datasets
4. D. Dashboards

Correct Answer: BC

Which of the following search commands can be used to perform statistical queries on indexed fields in TSIDX files?

1. A. stats
2. B. tstats
3. C. tscollect
4. D. transaction

Correct Answer: B

Which type of command is tstats?

1. A. Generating
2. B. Transforming
3. C. Centralized streaming
4. D. Distributable streaming

Correct Answer: A