diff --git a/default/savedsearches.conf b/default/savedsearches.conf
index 7d1260b..8c35ca3 100644
--- a/default/savedsearches.conf
+++ b/default/savedsearches.conf
@@ -6607,7 +6607,7 @@ alert.severity = 2
 counttype = number of events
 cron_schedule = 43 4 * * *
 description = Chance the alert requires action? Moderate. this alert attempts to find a list of roles that have capabilities the admin (or roles inheriting) the admin role do not have. The issue with this is that the Settings -> Users UI page, or in the /services/authentication/users REST endpoint will not show users *if* the grantableRoles setting is used on that particular role. Since this setting can be set by the UI itself it an issue can occur that some users do not appear in Settings -> Users but are cached by Splunk correctly, you just cannot see them. \
-The page https://docs.splunk.com/Documentation/Splunk/latest/Admin/authorizeconf descrbies the grantableRoles setting in more detail, this is definitely an edge case but it may be worth detecting...
+The page https://docs.splunk.com/Documentation/Splunk/latest/Admin/authorizeconf describes the grantableRoles setting in more detail, this is definitely an edge case but it may be worth detecting...
 dispatch.earliest_time = -1d@h
 dispatch.latest_time = now
 display.events.fields = ["host","source","sourcetype"]