I'm using Splunk Add-on Builder to configure a REST API input for Samsung Knox. REST URL: https://region.manage.samsungknox.com/emm/oapi/audit/read POST Request Headers: Authorization: Bearer <token> Content-Type: application/x-www-form-urlencoded POST Request Body client_id client_secret grant_type timeZone = +07:00 includeProcessInfo = true includeLogData = true The request is successfully sent, but the response always returns timestamps in UTC (+00:00) and doesn't seem to reflect the timeZone (auditTimestampText) or other body parameters i requested. When I test this in Postman, I get the expected log results with localized timestamps and full data. But when I configure the same request in Add-on Builder, the response seems incomplete or ignores the body parameters — especially timeZone. reference for Samsung Knox API (https://docs.samsungknox.com/dev/knox-manage/api/#tag/Audit/operation/read) Any information on how to debug this? or any workaround for this? Thank you. ... View more