Which of the following statements about integrating with third-party systems is true? (Select all that apply.)
A Hadoop application can search data in Splunk using the REST API, enabling integration between the two platforms. Additionally, Splunk alerts can be configured to trigger actions on third-party systems based on query results, allowing automated responses to specific conditions detected in Splunk's data. These capabilities highlight the flexibility and integration potential of Splunk with other systems.
My Answer is BCD
Unpopular answer I guess, but I'd say A and C. A. Hadoop applications can search data in Splunk using the REST API at minimum C. Alert actions can be used to trigger actions based on a query result But not... B. Splunk can't search data on HDFS without indexing it first. D. I see other comments saying that there's a 3rd party tool that can receive data directly from a UF, but assume that this is talking about first-party architecture as designed (and, besides, they have a lawsuit open against Cribl :))
D is correct, you can use the UF and HF to send data to other systems: https://www.tekstream.com/blog/route-data-to-multiple-destinations/
100% B,C,D B. Splunk can search data in the Hadoop File System (HDFS). - Correct C. You can use Splunk alerts to provision actions on a third-party system. - Correct: Systems such as Critical Start can utilize alerts to provision additional actions from within their system. D. You can forward data from Splunk forwarder to a third-party system without indexing it first. - Correct: As mentioned, Cribl LogStream can ingest data directly from the UF, modify the streamed data, and then forward that data to the indexer(s)
B. Splunk can search data in the Hadoop File System (HDFS). C. You can use Splunk alerts to provision actions on a third-party system. D. You can forward data from Splunk forwarder to a third-party system without indexing it first.
B, C. Not D bc it can only send data AFTER it's indexed
That would defy the whole purpose of the HF.
You are incorrect: https://docs.splunk.com/Documentation/Splunk/latest/Forwarding/Forwarddatatothird-partysystemsd
LogStream from Cribl can receive data from Forwarders