Solved: Re: How do I delete reports created by Splunk Ente...

Erilope · ‎10-26-2022

Hello,

I wanted to ask if there was a way I can delete reports created by Enterprise Security? There are reports created by Enterprise Security that we will never use, and i would just like to clean up the reports menu.

richgalloway · ‎10-27-2022

You'll have to edit the default savedsearches.conf files (never recommended) and restart the ES SH to remove the reports. Before doing that (not that you should), try disabling the reports to make sure there are no adverse side effects. Remember that upgrading ES will restore the reports.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway · ‎10-27-2022

You'll have to edit the default savedsearches.conf files (never recommended) and restart the ES SH to remove the reports. Before doing that (not that you should), try disabling the reports to make sure there are no adverse side effects. Remember that upgrading ES will restore the reports.

---
If this reply helps you, Karma would be appreciated.

Erilope · ‎10-27-2022

Thank you for your assistance with this, I will do that!

How do I delete reports created by Splunk Enterprise Security?

configuration

other

troubleshooting

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Splunk Life | Happy Pride Month!

SplunkTrust | Where Are They Now - Michael Uschmann