https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/not-getting-result-of-splunk-query-in-xsoar/m-p/537141#M1952 <P>If certain Splunk apps have access to certain indexes you may have to define the Splunk app to use within the playbook task.</P> Thu, 30 Mar 2023 20:30:10 GMT Joesephtorres 2023-03-30T20:30:10Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/not-getting-result-of-splunk-query-in-xsoar/m-p/532161#M1833 <P>I am trying one splunk query to fetch some result in xsoar using automation splunk-search, but I am not getting any result in xsoar whereas for the same query I am getting result in splunk, can anyone please help, below is the query:</P> <P>index=cbuae_windows | search&nbsp; host IN(${incident.destinationhostname}) | stats values(Account_Domain) as Account_Domain,values(Account_Name) as Account_Name,values(EventCode) as EventCode,values(dest_nt_domain) as dest_nt_domain,values(signature) as signature,values(dest) as dest,earliest(_time) as earliest,latest(_time) as latest by user,src_user,action,host&nbsp;</P> <P>&nbsp;</P> Fri, 24 Feb 2023 06:29:32 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/not-getting-result-of-splunk-query-in-xsoar/m-p/532161#M1833 Himangi 2023-02-24T06:29:32Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/not-getting-result-of-splunk-query-in-xsoar/m-p/537141#M1952 <P>If certain Splunk apps have access to certain indexes you may have to define the Splunk app to use within the playbook task.</P> Thu, 30 Mar 2023 20:30:10 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/not-getting-result-of-splunk-query-in-xsoar/m-p/537141#M1952 Joesephtorres 2023-03-30T20:30:10Z