A KV store collection can be associated with a namespace for which of the following users?

1. A. Nobody
2. B. Users in the admin role.
3. C. Users in the admin and power roles.
4. D. Users in the admin, power, and splunk-system-user roles.

Correct Answer: B

Which of the following statements describe an HEC token? (Select all that apply.)

1. A. Maps to a Splunk user.
2. B. Can be used to download data.
3. C. Is a GUID (globally unique identifier).
4. D. Can be created in Splunk Web or using REST endpoints.

Correct Answer: CD

How can hiding or showing a panel by clicking on a chart or a table on the same form be performed?

1. A. By using vent drilldown.
2. B. By using workflow action.
3. C. By using contextual drilldown.
4. D. By using visualization drilldown.

Correct Answer: D

A fellow Splunk administrator is reviewing an app that has been downloaded from splunkbase and deployed in an organization. The admin has e-mailed the following configuration snippet with a brief note that says ??fix the permissions??.
In what configuration file should the snippet be placed? []
access = read : [ * ], write : [ admin ] export - system
(Assume that $APP_HOME refers to the path that the app is installed, e.g. $SPLUNK_HOME/etc/apps/)

1. A. $APP_HOME/default/app.conf
2. B. $APP_HOME/local/default.meta
3. C. $APP_HOME/metadata/local.meta
4. D. $SPLUNK_HOME/etc/system/local/server.conf

Correct Answer: D

Which of the following are reserved field names in a KV Store? (Select all that apply.)

1. A. _key
2. B. _time
3. C. _user
4. D. _source

Correct Answer: BC