schedule changes for vuln detection

cyences_app_for_splunk/default/savedsearches.conf

@@ -3802,11 +3802,11 @@ alert.suppress = 0
 counttype = number of events
 quantity = 0
 relation = greater than
-cron_schedule =  0 */4 * * *
+cron_schedule = 5 */4 * * *
 description = Newly detected Vulnerabilities from vulnerability data. \
 \
 Data Collection - Qualys, Tenable, Nessus, CrowdStrike Spotlight vulnerability, etc.. 
-dispatch.earliest_time = -4h@m
+dispatch.earliest_time = -4h@h
 dispatch.latest_time = now
 display.general.type = statistics
 display.page.search.tab = statistics
@@ -3816,7 +3816,7 @@ request.ui_dispatch_view = search
 search = | inputlookup cs_all_vuln where  (status="open" OR status="reopened") \
 | dedup vul_id \
 | eval _time=first_found \
-| eval days_ago=relative_time(now(), "-4h@m") \
+| eval days_ago=relative_time(now(), "-4h@h") \
 | where _time >= days_ago \
 | fields - days_ago time _time \
 | `cs_human_readable_time_format(first_found)` \
@@ -6166,11 +6166,11 @@ search = | inputlookup cs_all_assets \
 disabled = 0
 enableSched = 1
 alert.track = 0
-cron_schedule =  0 0 * * *
-description = This savedsearch update the vulnerability inventory every day and generates lookup for all vulnerability data. \
+cron_schedule =  0 */4 * * *
+description = This savedsearch update the vulnerability inventory every 4 hours and generates lookup for all vulnerability data. \
 \
 Data Collection - Qualys, Tenable, Nessus vulnerability data 
-dispatch.earliest_time = -1d@m
+dispatch.earliest_time = -4h@m
 dispatch.latest_time = now
 display.general.type = statistics
 display.page.search.tab = statistics