1. Home
  2. Discussions
  3. Splunk
  4. Splunk Cloud Certified Admin
  5. SPLK-1005 Discussions
  6. SPLK-1005 Exam Topic 2 Question 18 Discussion

Splunk Cloud Certified Admin SPLK-1005 Question # 18 Topic 2 Discussion

 Splunk Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Splunk Cloud Certified Admin SPLK-1005 Question # 18 Topic 2 Discussion

SPLK-1005 Exam Topic 2 Question 18 Discussion:
Question #: 18
Topic #: 2

Which of the following methods is valid for creating index-time field extractions?
A.

Use the UI to create a sourcetype, specify the field name and corresponding regular expression with capture statement.

B.

Create a configuration app with the index-time props.conf and/or transfoms. conf, and upload the app via UI.

C.

Use the CU app to define settings in fields.conf, and restart Splunk Cloud.

D.

Use the rex command to extract the desired field, and then save as a calculated field.

Get Premium SPLK-1005 Questions
Actual exam question for Splunk SPLK-1005 exam by Echo58454 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next