Hi Morgan,
the problem is that the search has not been saved using "Save Criteria" but using only Save Results .
The article you provide, at point 1. Confirm your search is saved, shows that prerequisite is that "Save Criteria" has been selected.
I have old appliance running if can be useful
------------------------------
Daniele Pisano
------------------------------
Original Message:
Sent: Mon October 28, 2024 10:50 AM
From: Comghall Morgan
Subject: Save Results Searches to recover
Hello,
The configuration backup includes only saved searches, not the results.
Here is a method to export saved searches via the API that may be useful.
https://www.ibm.com/support/pages/node/6540268
Regards
------------------------------
Comghall Morgan
QRadar Support Architect
IBM
Original Message:
Sent: Sat October 26, 2024 05:18 AM
From: Daniele Pisano
Subject: Save Results Searches to recover
Hi community,
i'm asking yout help to find a way to recover a particular kind of Searches after a Console replacement.
What i'm trying to retrieve is the searches that user have Saved Results and set Expiration to Never but not Saved Criteria.
This link is to make you understand what i'm referring to:
ibm.com/support/pages/qradar-why-do-some-search-results-have-never-expires-column
After console migration have i restored a backup and i could recover Saved Search when "Save Criteria" option was been choosen
I tried to use contenManagement export and import ( Methods of importing and exporting content - IBM Documentation ) but again i could recover searches saved with Save Criteria option only but not searches that user has choose to Save Results only
What can i try more?
Thanks
------------------------------
Daniele Pisano
------------------------------