I have two questions for anyone who might be using this add-on.
1) We have a variety of Kusto queries, and by and large they have been OK. In one case, though, we find one that seems to only be activating every so often, when it feels like it. All the rest are fine, and all of them, including this bad one, use the same interval. I mean, you can see they are all the same, as it's a column when looking over the inputs area. I'm wondering if anyone has ever encountered this behavior and, if so, if anything fixed it. It's funny too, because I was somewhat concerned about us hitting some limit on Log Analytics or some such, but I have set up some more and they are essentially fine.
2) Our queries are set up to grab the last minute every minute. I notice we seem to miss some data, and my theory is I need to overlap to deal with latencies in the query itself. The absolute worst query I saw took into the teens to do, so I was thinking of grabbing the last 80 seconds every 60 seconds. I'm a little concerned, though, about how Splunk might handle that. Will it recognize input that is exactly the same as received before and deduplicate, or will we be pushing a bunch of duplicates?