What are the indexes called that are searched even if a user omits the index in a search?

Default indexes are the designated repositories in Splunk that are automatically included in search queries, even if the user does not explicitly specify them. This feature streamlines the search process by ensuring that essential logs and data are always considered in the analysis, enhancing the comprehensiveness of the search results.

The purpose of default indexes is to facilitate user experience by allowing users to access commonly relevant information without needing to remember or input the index name every time. It is particularly useful for those who may not have extensive knowledge of the various data sources available in the system.

In contrast, the other types of indexes mentioned do not serve the same function. System indexes are primarily used for Splunk's internal purposes and management; base indexes may refer to primary storage areas though this term is less standard in the context of Splunk; and common indexes would imply shared repositories but do not specifically denote the automatic inclusion feature of default indexes. Understanding the role of default indexes is crucial for effective search optimization within Splunk environments.