Open nickewa opened 9 years ago
miketanderson
commented
9 years ago @nickewa How would you recommend balancing this against people who want a report with 0 matches because it verifies that the reports are working (as opposed to the reports being broken even though events are coming in)?
nickewa
commented
9 years ago I'd suggest having a tickbox or something to opt in/out, with the default being "always send a report", but by enabling said box on a given account, it would disable the report if there's no matches..
Unless I'm missing something, there's no way to disable alerts if no rules have triggered. I have a testing environment set up, and after trimming away false positives, I'm now down to 0 hits in the past day, however I'm still receiving the daily email.
I can see this being a problem, as if people receive mails with 0 matches day after day, they will stop caring and miss the one with matches.
Is this just a configuration issue on my end, or something that you may be able to add?