Panther Knowledge Base

The Panther API sometimes yields inconsistent or empty results when querying my alerts in the data lake

Issue

When I use the Panther API to retrieve my Panther alerts with a SQL query to the data lake, I encounter inconsistencies or empty results, which is not the expected outcome.

Resolution

Wait 1 to 5 minutes after the alert is triggered before querying the data lake for it.

Cause

This behavior occurs because there is a delay between when an alert is created and when the events are available in the data lake.