nerdexam
Splunk

SPLK-1003 · Question #35

Which option accurately describes the purpose of the HTTP Event Collector (HEC)?

The correct answer is B. A token-based HTTP input that is secure and scalable and that does not require the use of. The HTTP Event Collector (HEC) is a token-based HTTP/HTTPS input mechanism in Splunk. It is both secure (uses token authentication over HTTPS) and scalable (handles high-volume data ingestion). Critically, HEC does NOT require forwarders - applications and services can send data

Splunk Forwarding

Question

Which option accurately describes the purpose of the HTTP Event Collector (HEC)?

Options

  • AA token-based HTTP input that is secure and scalable and that requires the use of forwarders
  • BA token-based HTTP input that is secure and scalable and that does not require the use of
  • CAn agent-based HTTP input that is secure and scalable and that does not require the use of
  • DA token-based HTTP input that is insecure and non-scalable and that does not require the use of

How the community answered

(60 responses)
  • A
    2% (1)
  • B
    93% (56)
  • C
    3% (2)
  • D
    2% (1)

Explanation

The HTTP Event Collector (HEC) is a token-based HTTP/HTTPS input mechanism in Splunk. It is both secure (uses token authentication over HTTPS) and scalable (handles high-volume data ingestion). Critically, HEC does NOT require forwarders - applications and services can send data directly to Splunk over HTTP using an authorization token. This makes it ideal for cloud services, IoT devices, and application-level logging where deploying a forwarder is impractical. Option A is wrong because it incorrectly states forwarders are required. Options C and D are wrong because HEC is token-based, not agent-based, and it is indeed secure and scalable.

Topics

#HEC#Data Ingestion#Input Types#Forwarders

Community Discussion

No community discussion yet for this question.

Full SPLK-1003 Practice