|
I am using dedup in my search and my time criteria is real time. The events are coming every minute but the results are not changing at top of the minute. I have turned on default_backfill option to fill the result very first time with the historical data. The data is getting refreshed when the current results fall out of time window i.e. after 5 minutes. And it shows again the oldest data in the window. Because of that data refresh every minute then on as the last result falls out of window. I am seeing the latest result if I don't use the dedup command. |
|
If I sort the result first and then dedup that works. Got the idea from here. Looks like if you have stats command then also data does not get refreshed as the event come until the present result falls out of window. Anybody can explain why such behavior? |