Splunk® Enterprise Security

Administer Splunk Enterprise Security

Create and manage saved searches in Splunk Enterprise Security

Create a saved search, also called a scheduled report, in Splunk Enterprise Security.

  1. From the Enterprise Security menu bar, select Security content then Content management.
  2. Select Create New Content and select Saved Search.
  3. Create a saved search, also called a scheduled report, following the instructions in the Splunk platform documentation.
  4. Modify the permissions of the report to share it with Enterprise Security so that you can view and manage the search in Enterprise Security, following the instructions in the Splunk platform documentation.
Last modified on 22 August, 2024
Create and manage key indicator searches in Splunk Enterprise Security   Create and manage search-driven lookups in Splunk Enterprise Security

This documentation applies to the following versions of Splunk® Enterprise Security: 8.0.0, 8.0.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters