Splunk Observability Cloud Certified Metrics User — Question 31

An analyst needs to create a new field at search time. Which Splunk command will dynamically extract additional fields as part of a Search pipeline?

Answer options

• A. rex
• B. fields
• C. regex
• D. eval

Correct answer: A

Explanation

The 'rex' command is used in Splunk to extract fields from the data during search time based on regular expressions. The other options, while related to field manipulation or extraction, do not dynamically create new fields within the search pipeline like 'rex' does.