<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00008KAGeECAXOkta Classic EngineAPI Access ManagementAnswered2024-04-03T16:09:08.000Z2022-11-01T06:11:43.000Z2022-11-01T14:16:55.000Z

p8eko (p8eko) asked a question.

Edited November 1, 2022 at 6:13 AM
'Delayed' events from 'System Log' API

I setup two pipelines ingesting data from 'GET /api/v1/logs'.

One syncs every minute, the other syncs every 2 hours.

Comparing the records, based on Okta-returned UUID, every minute pipeline was missing >2% events that showed up in the every 2 hours pipeline.

 

Documentation says:

Not all events for the specified time range may be present — events may be delayed. Such delays are rare but possible.

But 2-3% is NOT RARE.

What sync frequency is recommended to get complete records from the API endpoint?

 

Parameters send to API: '{"since":"max(published) formatted 'YYYY-MM-DDTHH:MI:SS.FF3Z'","until":"current_timestamp() 'formatted YYYY-MM-DDTHH:MI:SS.FF3Z ","sortOrder": "ASCENDING","limit":1000}'

 

  • 1 answer
  • 431 views

  • MatthewH.10249 (State of Iowa)

    "events may be delayed" I take that statement to mean that it is unknow when delays will occur and logs get added at a later time. The longer you wait to pull logs the more likely you are to get most of the events.

This question is closed.
Loading
'Delayed' events from 'System Log' API