The `splunk_hec` sink does not index fields by default - Vector

There is no longer a distinction within Vector between explicit and implicit event fields. All fields are now implicit and therefore the splunk_hec sink will not index any fields by default.

Upgrade Guide

In order to mark desired fields as indexed you can use the optional configuration option indexed_fields:

yaml

 sinks:
   my_sink_id:
     type: "splunk_hec"
     inputs: ["my-source-id"]
+    indexed_fields: ["foo", "bar"]