topic All time (real-time) search through the API in Getting Data In

All time (real-time) search through the API

zenmoto — Mon, 28 Sep 2020 15:28:23 GMT

I'm trying to do a real-time search using the REST API- I've got a bit of a delay indexing, and I want events as they are indexed, even if they are old. In the UI, I can specify an 'All-time (real-time)' search and get that behavior, but I can't figure out how to specify that behavior using the API. If I use earliest_time = 'rt' I seem to miss events, if I use a window like earliest_time = rt-1h I get a lot of events with preview=true and it appears they are duplicated. What is the proper earliest_time value to use for this type of search?

Re: All time (real-time) search through the API

zenmoto — Thu, 12 Dec 2013 19:49:15 GMT

I think I figured this out myself- though I'd dug into the _internal logs, inspected searches, combed through documentation and been unable to find it I just happened to be looking at my URL bar as I did an 'All time (real-time)' search in the GUI and saw the time parameters- '&earliest=rt&latest=rt'. So it looks like having both earliest_time and latest_time set to 'rt' seems to be the answer- I just need to chase down why it is working in the GUI but isn't working via the API.