Host, source, and sourcetype are in the selected field section by default. Which leaves index for the interesting fields section right below on the sidebar.
host, source & sourcetype are displayed, by default, under Selected Fields, so these answers are incorrect.
Index is the correct answer, because it's the only one that is left and also because under Interesting Fields, all the fields are displayed that are present in at least 20% of the results. This would be the case for index, because all events are always part of an index.
So the correct answer is B
This question is confusing.nteresting fields are key-value pairs that Splunk extracts when searching the data. When you dispatch a search, Splunk will try to identify delimiters such as an equal sign or colon and assign the value on the left as the field and the value on the right as the value. It will then take these key-value pairs and list them under interesting fields if that fields is atleast 20% of the search range by default. You can pop open the fields at the bottom of the selection and select any fields that you want at the top and they become selected fields.https://community.splunk.com/t5/Archive/What-is-an-interesting-field/m-p/417956. I think the correct answer is A, C,D
It would have been. if that is multiple questions. It is a trick question however. And thats is why A,C,D fields are Selected by default. Whereas Index is not and it is located in Interesting fields by default. Hence Correct answer is B
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
nonee125
Highly Voted 4 years, 6 months agoCyde
Most Recent 6 months agoLonny
1 year agoTheRealSplunkie
1 year, 5 months agoHuslayer
1 year, 5 months agoSunsil
2 years agoSteve2610
2 years, 5 months agocagdaskarabag
2 years, 7 months ago[Removed]
2 years, 8 months agoCheroti
2 years, 9 months agorakusu
3 years, 9 months agomarty
3 years, 11 months agoSGBEB
4 years agoNanila
4 years agoNanila
4 years agoSpTester
3 years, 11 months agoOduro
4 years, 2 months agosid2051
4 years, 4 months ago