Yep, so I had my support session and this is a known issue right now. When some dashboards/searches are saved private they for some reason save locally and thus "You don't get to delete them even if you have sc_admin!" xD The support analyst has to escalate for them to be removed from the back end and as of right now this is the future move until the issue is resolved. Thanks to everyone who looked, helped, or offered solutions!! I'm just not adult enough is the moral of the story 😂 Update from support "I also wanted to let you know I little bit more about the known issue that I mentioned in the meeting, there are two issues related to knowledge objects, one happens when Splunk web is not able to delete those because they were created as private. There is another one when you are able to reassign and clone KO without the permissions, turns out that if you create a KO and you share it with someone you lose the delete/disable option so you'll need to have permission on every copy shared of the KO to be able to delete it."
... View more