timmy59100
commented
3 years ago Hi You have to set realert in the rule: realert: minutes: 0
Closed carmenqueasyy closed 2 years ago
timmy59100
commented
3 years ago Hi You have to set realert in the rule: realert: minutes: 0
Hello! I'm trying to set up elastalert to send an alert for each match, now this is the situation -
INFO:elastalert:Ran security from 2021-04-09 14:11 MSK to 2021-04-09 14:15 MSK: 2 query hits (0 already seen), 2 matches, 1 alerts sentand in this notification I see only one match, how can I make an alert for each match?