Splunk Enterprise Security

Correlation searches


Hi All,

I upgraded my Splunk ES and i could notice that for some reason the "Out Of The Box" correlation searches are not getting upgraded to their newer version.

Does anyone know why?

Do i have to manually upgrade every correlation search?

Thanks !

0 Karma


Whats your splunk core and ES version? The searches do get updated (if there is an update, in the default/savedsearches.conf of the respective app). However, if you had overwritten them and have a copy in your local/savedsearches.conf, you would need to validate/reconcile them.

0 Karma
Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...