1)Datadog Log Management lets you send and process every log produced by your applications and infrastructure.

Choose the 4 correct statements.

✘ Collecting logs is disabled by default in the Datadog Agent.
✘ To collect logs for a given integration, uncomment the logs section in that integration’s conf.yaml file .
The Datadog Agent cannot collect logs directly from container stdout/stderr without using a logging driver.
✘ If your logs contain sensitive information you can use the Agent to scrub sensitive sequences.
Monitoring log files larger than 50MB is not recommended as this will increase the Agent overhead. If the log size cannot be reduced, install a second Agent.
✘ You can collect logs and forward them to Datadog from files, the network (TCP or UDP), journald, and Windows channels.

2) APM & Distributed Tracing gives deep visibility into your applications with out-of-the-box performance dashboards for web services, queues and databases to monitor requests,
errors, and latency.
Choose the 3 correct statements.
✘ A trace is used to track the time spent by an application processing a request and the status of this request. Each trace consists of one or more spans.
The out-of-the-box visualisation to view trace data is in the Host Map.
✘ A span represents a logical unit of work in a distributed system for a given time period. Multiple spans construct a trace.
✘ Services are the building blocks of modern microservice architectures - broadly a service groups together endpoints, queries, or jobs for the purposes of building your application.
The Service Map shows relationships and dependencies of Windows services only.

3) Security Monitoring detects different sorts of threats to your application or infrastructure. While configuring Security Rules you can define a special attribute named "group by".
Why is this attribute useful? Choose the 3 correct statements.
✘ To assist with triaging the signal
✘ To relate similar security signals
To integrate Datadog APM 3rd party systems
✘ To join queries together

4) A core feature of a modern monitoring system is described below.

When issues arise, a monitoring system should help engineers discover and correct the problem as quickly as possible. That means delivering alerts through a team’s preferred
communication channels and making it easy for incident responders to share graphs, dashboards, events, and comments.
Which core feature does the above statement describe?
Comprehensive Coverage
Sophisticated Alerting
✘ Collaboration
Built-in Aggregation
Scalability

5) An event represents any record of activity noteworthy for engineers (devs, ops, and security)
Choose the 3 correct statements.
Events contain confidential information so only authorized engineers should have access to them.
✘ The event stream is a display of the most recent events generated by your infrastructure and the associated monitors.
✘ Auditing events are created for user creation, integration changes and for other major changes.
✘ Certain integrations only submit events, but not metrics.
Events are committed in the event stream after 5 minutes so if you accidentally caused an event, you can quickly delete it.

6) Datadog's Log Management unifies logs, metrics, and traces in a single view, giving you rich context for analyzing log data. The index facet is a specific facet that appears only if
your organization has _________ Complete with the correct statement.
✘ multiple indexes and/or if you have active historical views
multiple indexes
active historical views

7) Monitoring all of your infrastructure in one place wouldn’t be complete without the ability to know when critical changes are occurring.
Choose the 4 correct statements.
✘ Metric monitors are useful for a continuous stream of data. Any metric sent to Datadog can be alerted upon if they cross a threshold over a given period of time.
✘ Composite monitors combine individual monitors into one monitor to define more specific alert conditions.
Monitors are configured in the datadog.yaml file for each host.
✘ Forecast, Anomaly and Outlier monitors use AI to calculate alert worthy conditions.
A limitation with monitors is the alert notification can only be sent by email.
✘ You can use Template variables to customize your monitor notifications.

8) Security Monitoring detects different sorts of threats to your application or infrastructure. These threats are surfaced in Datadog as Security Signals. How are Security Signals
generated by Datadog Security Monitoring? Choose the 1 correct statement.
✘ With Detection Rules
With Deny Rules
With Datadog Security Rules

9) In Datadog APM, in order to instrument a new Node.js application you first install the Datadog tracing library to your application, using npm. Then, you need to import and initialize
the tracer. What are the two ways you can use to import and initialize the tracer? Choose the 2 correct statements.
✘ Adding the tracer in the code
✘ Adding the tracer via command line arguments
Adding the tracer via --tracer argument

10) Datadog’s Real User Monitoring (RUM) gives you end-to-end visibility into the real-time activity and experience of individual users. What are four different installation methods
available in RUM for Browser Monitoring? Choose 4 correct statements.
✘ npm (node package manager)
✘ CDN async
✘ CDN sync
CDN only
✘ TypeScript

11) A metric’s type affects how the metric values are displayed when queried, as well as the associated graphing possibilities within Datadog using additional modifiers and functions.
Choose the 3 correct statements.
✘ Changing the metric type can change metric behavior in all existing visualizations and monitors, potentially rendering historical data as nonsensical.
✘ Metrics are submitted to Datadog in three main ways: Agent check, DogStatsD, Datadog’s HTTP API
Metrics are simply numbers and their type is only important for aesthetics.
✘ A metric’s type is displayed on the details side panel for the given metric on the Metrics Summary page.
You can merge metric types to create new custom types. E.g. merging (a) counts/min with (b) % utilised, would give you new custom types of (c) % of counts/min and (d) % of
minutes / count.

12) A query extracts a stored time series and reports the data points over a defined span of time.
Pair the statements.
Scope -is the set of tags used to choose time series for the query.
Grouping -is the set of tags over which to apply space aggregation.
Time aggregation -is done implicitly, or manually with the rollup function.

13) Datadog's Log Management unifies logs, metrics, and traces in a single view, giving you rich context for analyzing log data. Choose the 1 correct statement.
The Datadog Agent is the only method for collecting logs from a web browser
✘ Users can collect logs and complete their setup within minutes, since Datadog has a guided step-by-step onboarding
Users do not have full control over how their log pipelines are processed

14)In Datadog APM, which capability allows you to visualize and quickly understand service dependencies? Choose the 1 correct statement.
Deployment Tracking
✘ Service Map
Service Performance Dashboards

15) In Datadog APM, instrumentation for Java uses the java-agent instrumentation capabilities provided by the JVM. When a java-agent is registered, it has the ability to modify class
files at load time. In which ways instrumentation may happen? Choose a correct statement.
Auto-instrumentation
Using the OpenTracing APIs
✘ A mixture of both

16) Synthetic Monitoring allows you to observe how your systems and applications are performing using simulated requests and actions from around the globe. What are two
common use cases for using private locations? Choose the 2 correct statements.
✘ To monitor internal APIs and websites
✘ To create custom locations in areas that are mission-critical to your business
To correlate RUM and synthetic tests

17) You can use the Datadog HTTP API to programmatically access the Datadog platform.
Choose the 4 correct statements.
The Datadog API can be shared publicly and secured with IP whitelisting.
✘ You can submit custom metrics, events and logs using the Datadog HTTP API endpoints.
✘ You can use the API to build data visualizations and manage your users.
Datadog will provide a unique endpoint for each customer in the format of customer.api.datadoghq.com.
✘ Datadog does not rate limit on data point/metric submission.
✘ Application keys, in conjunction with your org’s API key, give you full access to Datadog’s programmatic API.

18) Trace Sampling is applicable for high-volume web-scale applications, where a sampled proportion of traces is kept in Datadog.
Choose the 3 correct statements.
✘ Individual traces are stored for 15 days.
✘ For the lifecycle of a trace, trace sampling happens at 3 levels: Tracing Client, Agent, and Backend level.
✘ Statistics (requests, errors, latency, etc.), are calculated based on the full volume of traces at the Agent level, and are therefore always accurate.
Similar analogy to tracing the origin of a phone call, the duration of a trace needs to be minimum of 30 seconds for the Agent to pinpoint the error in the trace.
The longer a trace sample is, the more accurate and detailed the sample will be. The maximum sample time is 24 hours.

19) The Agent can be installed on many different platforms either directly on the host or as a containerized version.
Choose the 3 correct statements.
✘ The Agent’s main configuration file is datadog.yaml.
✘ The Agent’s two main components are the Collector - in charge of running checks and collecting metrics; and the Forwarder - sends payloads to Datadog.
You can install more than one Agent when intensive monitoring is required.
✘ The Datadog Agent and it’s core integrations are open source.
There is no Datadog Agent for Windows environment.

20) Synthetic Monitoring allows you to observe how your systems and applications are performing using simulated requests and actions from around the globe. What different type
of tests are available in Synthetic Monitoring? Choose the 3 correct statements.
✘ API Tests
✘ Multistep API Tests
Functional Tests
✘ Browser Tests

21) Depending on severity, a notification may be more appropriate than a page, or vice versa. Whenever you consider setting an alert, ask yourself three questions to determine the
alert's level of urgency and how it should be handled.
Which 3 questions should you ask yourself?
✘ Is this issue real? - It may seem obvious, but if the issue is not real, it usually should not generate an alert (E.g. Planned upgrades causing hosts to be offline). If the issue is indeed
real, it should generate an alert. Even if the alert is not linked to a notification, it should be recorded within your monitoring system for later analysis and correlation.
What is the source of this issue? - When the source is unknown, alerting someone wastes time as they won't know where to start investigating.
✘ Does this issue require attention? - If you can reasonably automate a response to an issue, you should consider doing so. There is a very real cost to calling someone away from
work, sleep, or personal time. If the issue is real and it requires attention, it should generate an alert that notifies someone who can investigate and fix the problem.
✘ Is this issue urgent? - Not all issues are emergencies. E.g. A moderately higher than normal percentage of system responses have been very slow, may need to be addressed soon,
but not at 4:00 A.M. If, on the other hand, a key system stops doing its work at an acceptable rate, an engineer should take a look immediately and a page should be generated.
Is this issue important? - If you feel the issue isn't im
portant, then it probably isn't. Other people would generally feel the same as you do about a particular issue.

22) In Datadog APM, instrument a new .NET Core application on Linux is a four step process. You first Install and configure a Linux Datadog Agent, then you download and install
the .NET Tracer into the application environment. Then you add the required environment variables. And finally, you run your .NET Core application. Which environment variables are
required to enable automatic instrumentation on Linux? Choose the 4 correct statements.
✘ CORECLR_ENABLE_PROFILING
CORECLR_PROFILER_VERSION
✘ DD_DOTNET_TRACER_HOME
✘ CORECLR_PROFILER_PATH
✘ CORECLR_PROFILER

23) Datadog APM has a few additional features.

Choose the 3 correct statements.
✘ Trace metrics are automatically collected and kept at a 15-month retention policy
✘ Runtime metrics collection in the tracing client can gain additional insights into an application’s performance.
✘ Profiling can help you improve code efficiency, to pinpoint the lines of code consuming the most CPU, memory, or I/O.
User Profiling can help you anticipate how the user will use your application and what their next action will be.

24) A metric query can be broken down into sections.

<Below is a picture of a metric query in the editor view.>

Pair each section.

A - Space aggregation
B - Scope
C - Grouping
D -Time aggregation

25) In Datadog APM, in order to instrument a new Java application first you download dd-java-agent.jar, which contains the Agent class files. Then you typically add some arguments
to your application startup either in your IDE, your Maven or Gradle application scripts, or your java -jar command.
java -cp "./dd-java-agent.jar" -jar ./app.jar com.test.Hello -Correct
java -javaagent:./dd-java-agent.jar -jar ./app.jar com.test.Hello -Incorrect
✘ java -cp "./dd-java-agent.jar" -jar ./app.jar com.test.Hello -Incorrect
✘ java -javaagent:./dd-java-agent.jar -jar ./app.jar com.test.Hello -Correct

26) In Datadog APM, by default the Datadog Agent is enabled in your datadog.yaml file under apm_enabled: true and listens for trace traffic at localhost:8126. Which additional
parameter need to be set in containerized environments? Choose the 1 correct statement.
✘ Set apm_non_local_traffic: true in your main datadog.yaml file
Set apm_non_local_traffic: false in your main datadog.yaml file
Set apm_local_traffic: true in your main datadog.yaml file

27) Adhering to a standardized monitoring framework allows you to investigate problems more systematically.
What are the 3 key components of such a framework?
✘ For each system in your infrastructure, set up a dashboard ahead of time that displays all its key metrics, with relevant events overlaid.
✘ Investigate causes of problems by starting with the highest-level system that is showing symptoms, reviewing its work and resource metrics and any associated events.
Each team operates differently from each other, so implement different frameworks to suit the team.
✘ If problematic resources are detected, apply the same investigation pattern to the resource (and its constituent resources) until your root problem is discovered and corrected.
It is recommended to start troubleshooting with the Network team since everything is dependent on the network and 85% of issues are network related.

28) Log configuration page allows full control over how your logs are processed with Datadog.
Choose the 3 correct statements.
✘ A Pipeline takes a filtered subset of incoming logs and applies a list of sequential processors.
You can adjust the Pipeline Diameter settings to prevent bottlenecks and help load balance across all the different logs being sent to Datadog.
✘ A Processor executes within a Pipeline, a data-structuring action on a log.
✘ For integration logs, an Integration Pipeline is automatically installed that takes care of parsing your logs and adds the corresponding facet.
Processors can be configured to process logs during Peak/Off-Peak periods.

29) A core feature of a modern monitoring system is described below.

Monitoring every layer of infrastructure allows engineers to correlate metrics across systems so they can understand the interactions between services.
Which core feature does the above statement describe?
✘ Comprehensive Coverage
Scalability
Built-in Aggregation
Sophisticated Alerting
Collaboration

30) With Synthetic Monitoring you can run synthetic tests in your continuous integration (CI) pipelines, letting you block the deployment of branches that would break your product.
Synthetic CI/CD testing can also be used to run tests as part of your CD process, evaluating the state of your production application immediately after a deployment finishes. What
different types of execution rules are available as part of the global configuration file? Choose the 3 correct statements.
✘ blocking
✘ non_blocking
failed
✘ skipped

31) Synthetic Monitoring allows you to observe how your systems and applications are performing using simulated requests and actions from around the globe. After you spin up a
private location _________ Complete with the correct statement.
the synthetic worker lives on a Datadog-managed host
✘ the synthetic worker lives on my own managed host

32) Security Monitoring detects different sorts of threats to your application or infrastructure. These threats are surfaced in Datadog as Security Signals. Where in Datadog can
Security Signals be correlated and triaged? Choose the 1 correct statement.
Infrastructure Host Map
Metric Explorer
✘ Security Signals Explorer

33) Metrics capture a value pertaining to your systems at a specific point in time and are usually collected at regular intervals (every 15 seconds, every minute, etc.) to monitor a
system over time.
Pair the statements.
Throughput, Success, and Performance metrics -Work Metrics
Utilization, Saturation, and Availability metrics -Resource Metrics
Capture what happened at a point in time, with optional additional information -Events
Errors typically represented as a percentage over time -Work Metric Errors

34) Security Monitoring detects different sorts of threats to your application or infrastructure. How are these threats surfaced in Datadog? Choose the 1 correct statement.
With Security Threats
✘ With Security Signals
With Datadog Watchdog

35) Run the Datadog Agent in your Kubernetes cluster as a DaemonSet in order to start collecting your cluster and applications metrics, traces, and logs.
Choose the 4 correct statements.
✘ You can deploy the Agent with a Helm chart or directly with a DaemonSet object YAML definition.
✘ The Cluster Agent helps to alleviate server load by acting as a proxy between the API server and node-based Agents.
✘ You can use Datadog’s Autodiscovery feature to automatically identify the services running on a specific container and gather data from those services.
✘ The Datadog Agent can create and assign tags to all metrics, traces, and logs emitted by a container based on its labels or environment variables.
You cannot exclude containers from logs collection, metrics collection, and autodiscovery.

36) Security Monitoring detects different sorts of threats to your application or infrastructure. What are examples of security threats Security Monitoring detects? Choose the 3
correct statements.
A DDoS attack
✘ An IP communicating with your systems which matches a threat intel list
✘ A targeted attack
✘ An insecure configuration

37) The Agent is lightweight software installed on your hosts. It reports metrics and events from your host to Datadog via integrations, DogStatsD, or the API. With additional setup,
the Agent can report live processes, logs, and traces.
Choose the 3 correct statements.
✘ DogStatsD is a Golang implementation of Etsy’s StatsD metric aggregation daemon.
A different Agent is required on the host for monitoring traces and logs.
✘ The Agent offers both a GUI and a CLI to interact with.
✘ The Datadog Agent submits metrics to Datadog over a TLS-encrypted TCP connection by default.
The Agent can be configured from any browser including on mobile devices.

38) Datadog’s Deployment Tracking gives you visibility into the performance of deployed code to detect bad code deployments, contain the impact of changes, and respond faster to
incidents. What are the typical deployment strategies where Deployment Tracking could be of high value? Choose a correct statement.
Rolling deploys
Blue/green deploys (or other color combination)
Canary deploys
Shadow deploys
✘ All of the above

39) Grok comes with reusable patterns to parse integers, IP addresses, hostnames, etc.
You can write parsing rules with correct syntax.
Pair the statements.
Matcher -A rule that describes what to expect.
Extract -An identifier for the capture destination for text matched.
Filter -A post-processor of the match to transform it.

40) SLOs provide a framework for defining clear targets around application performance, which ultimately help teams provide a consistent customer experience, balance feature
development with platform stability, and improve communication with internal and external users.
Choose the 4 correct statements.
✘ Monitor-based SLOs are useful for a time-based stream of data where you are differentiating time of good behavior vs bad behavior.
✘ Metric-based SLOs are useful for a count-based stream of data where you are differentiating good and bad events.
✘ Service Level Indicator (SLI), is a representative quantitative measure of an aspect of a service that relates to the user journey.
✘ The Error Budget of an SLO is the downtime allowed for the service based on the SLO target.
Duration-based SLOs are useful for a time-based stream of data where you are differentiating time of good behavior vs bad behavior.
Summation-based SLOs are useful for a count-based stream of data where you are differentiating good and bad events.

41) Distributed traces seamlessly correlate to browser sessions, logs, synthetic checks, network,
processes, and infrastructure metric across hosts, containers, proxies, and serverless functions
Choose the 3 correct statements.
✘ Automatic scrubbling of sensitive information is available for some devices, such as Elasticsearch, MongoDB, Redis, Memcached, and HTTP server and client requests URL´s
✘ Tags can be added to a single span or globally to all spans
The unified tracer feature can bring together all Distributed traces to make analysis easier
✘ The correlation between APM and Log Management is improved by the injection of trace ID´s, span ID´s, env, service, and version as attributes in your logs

42) Synthetic Monitoring API tests allow you to launch single or chained requests to perform verifications on your key systems at various network levels. What are valid examples of
various network levels API tests support? Choose the correct 4 statements
✘ HTTP
✘ TCP
SIP
✘ DNS

43) Datadog's Log Management unifies logs, metrics, and traces in a single view, giving you rich context for analyzing log data. Choose the 2 correct statements
All ingested logs are visible in the Log Explorer at all time.
✘ Aggregations are supported for indexed logs only
✘ Users can filter logs easily using both tags and facets
Users can filter logs easily only using tags

44) Log Indexes provide fine-grained control over your Log Management budget by allowing you to segment data into value groups for differing retention, quotas, usage monitoring,
and billing.
Choose the 4 correct statements
Logs need to be formatted so they have a “Table of Contents” in order to be indexed
✘ Index filters allow dynamic control over which logs flow into which indexes
✘ Exclusion filters control which logs flowing in your index should be removed. Excluded logs are discarded from indexes, but still flow through the Livetail and can be used to
generate metrics and archived
✘ You can set a daily quota to hard-limit the number of logs that are stored within an index per-day
 Creating indexes can only be done by Datadog because it affects billing and users need to submit a ticket request
✘ Indexes can have different log rotation policies

45) Hosts are defined as any instances with Datadog Agent installed plus any AWS EC2 Instances, GCP, Azure, or vSphere VM´s monitored with our integrations. Choose the 3 correct
statements
✘ Hostnames should be unique within a Datadog account
✘ Datadog creates aliases for host names when there are multiple uniquely identifiable names for a single hosts
✘ Any EC2 Instances or VMs with the Agent installed count as a single instance
Any EC2 Instances or VMs with the Agent installed count as two instances
Hosts without the Agent do not use up a licence

46) A core feature of a modern monitoring system is described below

Powerful tagging or labelling schemes allow engineers to arbitrarily segment and aggregate their metrics, so they can direct their focus at the service level rather than the host level
Which core feature does the above statement describe?
Comprehensive coverage
✘ Built-In aggregation
Scalability
Collaboration
Sophisticated alerting

47) A core feature of a modern monitoring system is described below

Modern, dynamic monitoring systems understand that individual hosts come and go, so they scale gracefully with expanding or contracting infrastructure. Which core feature does
the above statement describe?
Comprehensive coverage
Built-In aggregation
✘ Scalability
Collaboration
Sophisticated alerting

48) Within Datadog, a graph can only contain a set number of points and, as the timeframe over which a metric is viewed increases, aggregation between points ocurrs so that the
number of points remains under that set number
Choose the 2 correct statements
✘ Datadog rolls up data points automatically by default, averaging values in the rollup interval for GAUGE, RATE and COUNT metric types
Zooming in and out a timeframe will never change the available datapoints on a graph
✘ Zooming out a timeframe smooths out graphs
The maximum you can zoom out is 3 months

49) In Datadog APM, Ingestion controls affect what traces are sent by your application to the Datadog platform. Choose the 1 correct statement.
✘ For the best experience, set services to send 100% of their traces so that all traces can be used for a live search and analytics.
For the best experience, set services to send 50% of their traces so that all traces can be used for a live search and analytics.
For the best experience, set services to send 25% of their traces so that all traces can be used for a live search and analytics.

50) Monitors have advanced features allowing more functionality for different types of use cases. Choose the 3 correct statements
✘ For all monitor types, monitor changes create an event in the event stream. This event explains the change and displays the user that made the change
✘ You can schedule one time or recurring downtimes for system shutdowns, off-line maintenance, or upgrades without triggering your monitors.
✘ A common use-case for the monitor message is to include a step-by-step way to resolve the problem
You can enable the Auto-Organic feature that lets the monitor “grow” and “evolve” to maintain meaningful alerts
To prevent users turning off monitors to hide issues, enable the Instant Lock. Any attempt to turn off monitors in a triggered state will lock that monitor until an admin unlocks it

51)In Datadog APM, instrumenting a new Python application is a two step process. You first install the Datadog tracing library to your application, using
pip. What is the final step to instrument a Python app? Choose the 1 correct statement.
✘ Toprefix your Python entry-point command with ddtrace-run
To append your Python entry-point command with ddtrace-run
To prefix your Python entry-point command with --ddtrace-run command

52) Tags are a way of adding dimensions to Datadog telemetries so they can be filtered, aggregated, and compared in Datadog visualizations. Choose the 4 correct statements.
Tags are limited to 16 characters.
✘ Tagging binds different data types in Datadog, allowing for correlation and call to action between metrics, traces, and logs.
✘ Host, service, source, env, version are examples of reserved tag keys in Datadog.
✘ Tags shouldn't originate from unbounded sources, such as epoch timestamps, user IDs, or request IDs.
Tags are isolated and separated between metrics, logs and traces to avoid data contamination and duplication.
✘ Datadog recommends constructing tags in the <KEY>:<VALUE> format.

53) API keys are unique to your organization. Choose the 3 correct statements.
✘ You can have more than one API key in an organization, but you have to have at least one API key.
✘ Application keys are associated with the user account that created them and must be named.
✘ Each host monitored needs to have a unique API key.
API keys can be shared between organizations to save licensing costs.
✘ An API key is required by the Datadog Agent to submit metrics and events to Datadog.

54) Datadog provides three main types of integrations:

Agent-based integrations, Authentication (crawler) based integrations and Library integrations
Choose the 4 correct statements.
✘ AWS, Azure, and GCP are crawler based integrations.
✘ Some Agent based integrations need to be individually configured to enable them.
✘ Library integrations use the Datadog API to allow you to monitor applications based on the language they are written in, like Node.js or Python.
Authentication (crawler) based integrations pull data once per day because the 3rd party vendor discourages load on their API.
✘ Some Agent based integrations are enabled by default.

55) By understanding the ideal use cases and limitations of each kind of timeseries graph, you can extract actionable information from your metrics
more quickly. Choose the 3 correct statements.
✘ A heat map is a good choice to visualize highly variable metrics reported by a large number of sources.
✘ Bar graphs are useful to convey metric values when data is sparse.
✘ When you are summing complimentary metrics sharing the same unit of measure, a stacked area graph should be used.
The host map widget shows metrics aggregated across many tags, such as hosts. The more hosts that have a particular value, the darker that square is.
 A limitation of timeseries graphs is that only percentage (%) metrics can be displayed.

56) Datadog’s Real User Monitoring (RUM) gives you end-to-end visibility into the real-time activity and experience of individual users. Does Real User
Monitoring (RUM) allows you to modify the sampling rate? Choose the correct statement.
✘ Yes
No

57) Datadog automatically parses JSON-formatted logs. For other formats, Datadog allows you to enrich your logs with the help of Grok Parser. The
Grok syntax provides an easier way to parse logs than pure regular expressions.
You can write parsing rules with what syntax?
%{FILTER:EXTRACT: MATCHER}
✘ %{MATCHER:EXTRACT:FILTER}
%{FILTER: MATCHER: EXTRACT}

58) Datadog’s Real User Monitoring (RUM) gives you end-to-end visibility into the real-time activity and experience of individual users. How does
RUM explorer help you? Choose the 4 correct statements.
✘ Visualize resources loading through the waterfall chart
Build monitors
✘ Navigate user sessions
✘ Investigate performance issues affecting views, resources or actions
✘ Troubleshoot application errors

59) Notifications can be sent via email, chat or ticketing system, or a page (SMS).
When you consider paging someone, you should page on what?
✘ Symptoms rather than causes.
Causes rather than symptoms.
Actual failures/issues to avoid false positives.

60) Alerts allow you to spot problems anywhere in your infrastructure, so that you can rapidly identify their causes and minimize service degradation and disruption.
Choose the 3 correct statements.
✘ An alert should communicate something specific about your systems in plain language.
It is important to have many alerts to many people to make sure issues are not missed.
✘ All alerts should be recorded in an easily accessible central location so they can be correlated with other metrics and events.
Alerts are no longer useful because modern dashboards provide a lot more detail.
✘ The three levels of urgency are: alerts as records (low severity), alerts as notifications (moderate severity), alerts as pages (high severity).

61) Synthetic tests allow you to observe how your systems and applications are performing using simulated requests and actions from around the globe. Datadog tracks the
performance of your webpages and APIs from the backend to the frontend, and at various network levels.
What 2 types of tests are available?
File Transfer tests - Send files from one location to another and verify the file arrives at the destination.
✘ API tests - Launch requests and perform verifications on your web applications at various network levels.
Download Speed tests - Test the speed of downloads from your webpages.
✘ Browser tests - Record end-to-end tests to monitor how your customers experience your webpages from around the world.

62) Security Monitoring detects different sorts of threats to your application or infrastructure. What do detection rules define? Choose the 1 correct statement.
skip logic that is applied to all ingested logs
conditional logic that is applied to only indexed logs
✘ conditional logic that is applied to all ingested logs

63) Real User Monitoring (RUM) gives you end-to-end visibility into the real-time activity and experience of individual users. Synthetic Monitoring tests allow you to observe how
your systems and applications are performing using simulated requests and actions from around the globe. What do synthetic tests combined with RUM provide you? Choose the
correct statement.
Frontend + Backend view
✘ Proactive + Real-time view of front applications.
The ability to correlate logs
Monitor Single Page Applications (SPAs) with ease

64) A dashboard is Datadog's tool for visually tracking, analyzing, and displaying key performance metrics, which enable you to monitor the health of your infrastructure.
Choose the 4 correct statements.
✘ On Timeboards all graphs share the same time scope.
✘ On Screenboards graphs are placed anywhere on the canvas.
Template variables are only available for Timeboards.
✘ From an individual dashboard, you can copy, import, or export a dashboards JSON.
Python scripting language is required to create Timeboards and Screenboards.
✘ You can generate public sharing URLs.