Splunk Core Certified User — Question 6
By default, which of the following fields would be listed in the fields sidebar under interesting Fields?
Answer options
- A. host
- B. index
- C. source
- D. sourcetype
Correct answer: B
Explanation
The correct answer is B, 'index', as it is a default field that Splunk includes in the interesting Fields sidebar. The other options, while important, do not appear by default in this specific context.