I'm trying to create a stat which gives a **RATE** for the last 5 minutes whenever you run `get_stat`. * The code example below runs within a `im_msvistalog` module * Each of the stats are updates using `add_stat('NAME', 1, $EventReceivedTime)` in the main Exec block. * The first schedule (re)creates the stats each hour - see below * The second schedule outputs the stats each minute - see below ``` Every 1 hour create_stat('ep1m', 'RATE', 60, now(), 3600); # Change of count of events in the last 1 MINUTE create_stat('ep5m', 'RATE', 300, now(), 3600); # Change of count (i.e. rate) of events in the last 5 MINUTES Every 1 min log_info(get_stat('ep1m') + ' events collected from Windows Security Event Log in the last 1 minutes'); log_info(get_stat('ep5m') + ' events collected from Windows Security Event Log in the last 5 minutes'); ``` * The stat that gives me a rate per minute is working fine. * The stat that gives me a rate per 5 minutes is not working as expected. ``` create_stat('ep5m', 'RATE', 300, now(), 3600); ``` My expectation was that each minute, when I write the log, it would give me the RATE (i.e. change in count) **for the last 300 seconds**. I expected this value to go up and down each minute when I write the log info output. Instead it seems to be grouping the statistics into fixed 5 minute windows from the creation of the counter. That is, a RATE for the first 0-5 mins, then a new RATE for the next 5-10 mins, etc. Is there a way to ensure that when I query the statistics for the last 5 minutes it always gives me the interval between `now()` and 300 seconds ago?