SPLK-1003 · Question #35
Which option accurately describes the purpose of the HTTP Event Collector (HEC)?
The correct answer is B. A token-based HTTP input that is secure and scalable and that does not require the use of. The HTTP Event Collector (HEC) is a token-based HTTP/HTTPS input mechanism in Splunk. It is both secure (uses token authentication over HTTPS) and scalable (handles high-volume data ingestion). Critically, HEC does NOT require forwarders - applications and services can send data
Question
Which option accurately describes the purpose of the HTTP Event Collector (HEC)?
Options
- AA token-based HTTP input that is secure and scalable and that requires the use of forwarders
- BA token-based HTTP input that is secure and scalable and that does not require the use of
- CAn agent-based HTTP input that is secure and scalable and that does not require the use of
- DA token-based HTTP input that is insecure and non-scalable and that does not require the use of
How the community answered
(60 responses)- A2% (1)
- B93% (56)
- C3% (2)
- D2% (1)
Explanation
The HTTP Event Collector (HEC) is a token-based HTTP/HTTPS input mechanism in Splunk. It is both secure (uses token authentication over HTTPS) and scalable (handles high-volume data ingestion). Critically, HEC does NOT require forwarders - applications and services can send data directly to Splunk over HTTP using an authorization token. This makes it ideal for cloud services, IoT devices, and application-level logging where deploying a forwarder is impractical. Option A is wrong because it incorrectly states forwarders are required. Options C and D are wrong because HEC is token-based, not agent-based, and it is indeed secure and scalable.
Topics
Community Discussion
No community discussion yet for this question.