Some backstory:

• I am writing end-to-end automation for a microservice that writes events to Splunk.
• I use Java Splunk SDK version 1.6.3.0, which is the latest version stored on our artifactory
• After I drop files in a particular folder on S3, our service calls various internal APIs and logs the status to Splunk.
• After dropping the files, my automation needs to wait for a particular unique event to appear and then continues doing some internal validations.

I would like to be able to wait for a specific event to appear on Splunk, with a timeout of some number of seconds in case the event never happens. Currently I do this with a for loop and poll for the specified event to appear. However, I wonder if there might be a more efficient way to do this.

Here's a sample of an event I need to wait for:

{   
<snip/>
     file_url:   https://some.website/somefile.json 
     id:     12345  
     level:  30 
     msg:    File processing succeeded  
     name:   myservicename
<snip/>
}

And a sample query:

index=myindex sourcetype=myservicename msg="File processing succeeded" file_url="https://some.website/somefile.json" id="12345"

In this example, index, sourcetype, and msg are the same every time I run my test case. file_url and id are unique each time.

What is the recommended way to wait for a particular event? What kind of query is recommended (blocking/etc)?