obtaining a query for data indexed at a data processing system, the query specifying criteria for identifying search results from data items previously indexed by an indexing subsystem of the data processing system;

converting the query into a data processing pipeline, the data processing pipeline specifying a series of nodes and interconnections between individual nodes within the series, wherein the individual nodes designate a transformation of data items within the data processing pipeline, wherein the interconnections designate a routing of messages through the data processing pipeline, and wherein the series of nodes and interconnections logically represent the query;

identifying a first portion of results by applying the data processing pipeline to a streaming data processing subsystem of the data processing system to cause the streaming data processing subsystem to process data items within a first subset of messages, from a stream of messages, obtained at the data processing system during a first past period of time;

identifying a second portion of results by executing the query against a second subset of data items, from the stream of messages, previously indexed by the indexing subsystem, the second subset of data items previously indexed by the indexing subsystem including data items obtained at the data processing system during a second past period of time; and

displaying search results including the first portion of results identified by applying the data processing pipeline to cause the streaming data processing subsystem to process data items within the first subset of messages obtained at the data processing system during the first past period of time and the second portion of results identified by executing the query against the second subset of data items, from the stream of messages, previously indexed by the indexing subsystem including the data items obtained at the data processing system during the second past period of time.