In Splunk, you can extract fields using either event lists, sidebars or other settings menu through the User Interface. You could also write your own regular expressions in the props.conf configuration file.

BY Best Interview Question ON 24 Feb 2020