Internal fields, such as _raw and _time can be explicitly removed from results with fields command?

The statement is true that internal fields like _raw and _time cannot be explicitly removed from results using the fields command. The fields command is used to include or exclude specific fields in search results but does not allow the removal of internal fields that are integral to Splunk's data processing and searching capabilities. These internal fields are essential for understanding the structure of the data and its logistical representation within Splunk. Thus, while you can modify the visibility of custom fields or indexed data fields, the core internal fields must remain available in the results for their defined roles in data interpretation and search functionalities.