Q: 13
When extracting fields, we may choose to use our own regular expressions
Options
Discussion
Pretty sure that's True. You can definitely write your own regex for custom field extraction in Splunk, not just use the defaults. Maybe some confusion since automatic extraction works for basics, but manual regex is allowed. Agree?
For me, that's not the case, so False. From what I've seen in official docs and practice, Splunk handles field extraction automatically for most stuff, so you don't typically have to write your own regex unless you want something custom. Check the Splunk exam guide or try some labs if you're unsure.
Be respectful. No spam.
