i would like to run a search (to collect data in a summary index) triggered by an alert, which is checking for new data. e.g. if the start of a new dataset comes in, i would like to enrich, manipulate and collect the last dataset into a summary index.
if the collect search only runs on a time schedule, i may get inconsistencies in between the collected dataset due to cutting in between.
i'm looking for something like a custom alert action to trigger another saved search.
Second possibility - you could use your first search to determine and return the earliest= and latest= times for your search that collects the data... and then set teh same arbitrary future date/time as both earliest and latest if your search determines there is no data.