FR: Add support for Splunk Correlation Search in splunk_saved_searches

splunk / terraform-provider-splunk

Terraform Provider for Splunk

Mozilla Public License 2.0

102 stars 75 forks source link

FR: Add support for Splunk Correlation Search in splunk_saved_searches #187

Closed secbrianyau closed 2 months ago

secbrianyau commented 2 months ago

Hi,

Can this provider support adding Splunk Correlation Search of Enterprise Security? According to https://docs.splunk.com/Documentation/ES/7.3.1/Admin/Upgradecorrelationsearches, correlation searches should also be a part of savedsearches, while those parameters related are not available in the resource splunk_saved_searches.

secbrianyau commented 2 months ago

Seems infeasible - not support from the RESTAPI doc