Hello, I'm experiencing an issue with Automation Rules in Splunk Enterprise Security (8.5.1). Sometimes I'm able to add a detection successfully, but after saving, other previously configured detections disappear. In other cases, I receive the following error: "Could not update automation rule: Failed to create automation rule mapping as detection is already mapped to an automation rule." What's confusing is that after this happens, some of the detections I had added previously are no longer visible in the rule. The behavior seems inconsistent, as sometimes detections can be added and other times they disappear or trigger the error above.