When using the Field Extractor (FX) in Splunk for regex field extraction, it's important to select the context in which you want to perform the extraction. The context is essentially the subset of data you're focusing on for your field extraction task.
D: Sourcetype or source: This is the correct option. In the initial steps of using the Field Extractor tool, you're prompted to choose a data type for your field extraction. The options available are typically based on the nature of your data and how it's organized in Splunk. "Sourcetype" refers to the kind of data you're dealing with, a categorization that helps Splunk apply specific processing rules. "Source" refers to the origin of the data, like a specific log file or data input. By selecting either a sourcetype or source, you're narrowing down the dataset on which you'll perform the regex extraction, making it more manageable and relevant.

Reference: https://docs.splunk.com/Documentation/SplunkCloud/8.0.2003/Knowledge/Defineeventtypes When multiple event types with different color values are assigned to the same event, the color displayed for the events is determined by the priority of the event types. The priority is a numerical value that indicates how important an event type is. The higher the priority, the more important the event type. The event type with the highest priority will determine the color of the event.

The correct answer is C. Creates reports without using SPL. This is because the Pivot tool is a feature of Splunk that allows you to report on a specific data set without using the Splunk Search Processing Language (SPL). You can use a drag-and-drop interface to design and generate pivots that present different aspects of your data in the form of tables, charts, and other visualizations. You can learn more about the Pivot tool from the Splunk documentation1 or watch a video tutorial2. The other options are incorrect because they do not describe the features of the Pivot tool. The Pivot tool requires data models and datasets to define the data that you want to work with. Data models and datasets are designed by the knowledge managers in your organization. You can learn more about data models and datasets from the Splunk documentation3. The Pivot tool does not create lookups, which are tables that match field values to other field values. You can create lookups using SPL or the Lookup Editor. You can learn more about lookups from the Splunk documentation.