Trying to filter out events which happened past a certain moment in time by providing “since”. Here is what I send {{url}}/api/v1/logs?filter=eventType eq "user.account.update_profile"&since=2019-08-04T11:48:38.673-05:00 and weirdly enough I receive back an entry with published before the moment sent as a parameter
"displayMessage": "Update user profile for Okta",
"eventType": "user.account.update_profile",
"outcome": {
"result": "SUCCESS",
"reason": null
},
"published": "2019-08-04T16:48:37.560Z",
Had to change your request slightly as I provide my TZ specification in since, so request is {{url}}/api/v1/logs?filter=eventType eq "user.account.update_profile"&since=2019-08-04T11:48:38-05:00". Not sure what your accent was on, so let me know if you wanted since to be in UTC. Still the result includes
"displayMessage": "Update user profile for Okta",
"eventType": "user.account.update_profile",
"outcome": {
"result": "SUCCESS",
"reason": null
},
"published": "2019-08-04T16:48:37.560Z",
Quickly verified and confirmed that TZ doesn’t change anything. If I provide since in UTC, Okta still include the event into the reply