diff --git a/playbooks/templates/add_destination_ips_to_ioc_collection.json b/playbooks/templates/add_destination_ips_to_ioc_collection.json
index 4a35b02..e7309c4 100644
--- a/playbooks/templates/add_destination_ips_to_ioc_collection.json
+++ b/playbooks/templates/add_destination_ips_to_ioc_collection.json
@@ -46,7 +46,7 @@
 ]
 },
 "arguments": {
- "query": "{{ node.1.short_id }}",
+ "query": "alert_short_ids: {{ node.1.short_id }}",
 "fields": "destination.ip",
 "latest_time": "{{ node.1.last_seen_at }}",
 "earliest_time": "{{ node.1.first_seen_at }}"
diff --git a/playbooks/templates/add_domains_to_ioc_collection.json b/playbooks/templates/add_domains_to_ioc_collection.json
index ecb7a73..b7d0e6c 100644
--- a/playbooks/templates/add_domains_to_ioc_collection.json
+++ b/playbooks/templates/add_domains_to_ioc_collection.json
@@ -46,7 +46,7 @@
 ]
 },
 "arguments": {
- "query": "{{ node.1.short_id }}",
+ "query": "alert_short_ids: {{ node.1.short_id }}",
 "fields": "dns.question.name,url.domain",
 "latest_time": "{{ node.1.last_seen_at }}",
 "earliest_time": "{{ node.1.first_seen_at }}"
diff --git a/playbooks/templates/add_source_ips_to_ioc_collection.json b/playbooks/templates/add_source_ips_to_ioc_collection.json
index 4264151..9c99f7b 100644
--- a/playbooks/templates/add_source_ips_to_ioc_collection.json
+++ b/playbooks/templates/add_source_ips_to_ioc_collection.json
@@ -46,7 +46,7 @@
 ]
 },
 "arguments": {
- "query": "{{ node.1.short_id }}",
+ "query": "alert_short_ids: {{ node.1.short_id }}",
 "fields": "source.ip",
 "latest_time": "{{ node.1.last_seen_at }}",
 "earliest_time": "{{ node.1.first_seen_at }}"
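Review bot: The new `"query"` value in add_destination_ips_to_ioc_collection.json interpolates `{{ node.1.short_id }}` unquoted after the field name, so a value containing whitespace, a colon or a query operator would be parsed as additional query syntax instead of as the value of `alert_short_ids`. The same line appears in the add_domains_to_ioc_collection.json and add_source_ips_to_ioc_collection.json hunks. Whether `short_id` is constrained to a safe character set is not visible here; if it is not, and if the search syntax supports quoted values, the safer form would be `"query": "alert_short_ids: \"{{ node.1.short_id }}\""`. Because these playbooks write the matched `fields` into an IOC collection, a query that matches more broadly than the one alert would add unrelated IPs or domains to it, so the scoping deserves a check. The `"arguments"` object closes outside each hunk, so any validation applied elsewhere in the template is not shown.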