I am seeing the same behavior. Has anything further been determined about this issue?
I have pulled up messages in search that I believe should have generated an alert, and then tested them against the appropriate stream. They do show as matching (green) for all conditions of the stream. However, they are not showing up in the list of alerts for that stream. I was having the same issue last week on version 2.0.0, and when I updated (and in that process restarted the server) the alerts started working as expected. However, they have now stopped again. I don't see any issues on the system or in the graylog system log (aside from a valid certification path that happens all the time). Version is: Graylog 2.0.2 (4da1379) on graylog2 (Oracle Corporation 1.8.0_91 on Linux 3.13.0-74-generic) Justin On Thursday, June 2, 2016 at 8:20:16 AM UTC-4, Rakesh R wrote: > > Hi, > Here are few rules from different streams > > *message* must match regular expression *RuntimeException: No > Elastic Search server found for partner * > *full_message* must match exactly *"Cannot find" * > > - * message* must match regular expression > *java.util.concurrent.TimeoutException* > - > <https://prod-logs.sprinklr.com/streams/55074e9ee4b09422e47e9c6b/edit#> > > <https://prod-logs.sprinklr.com/streams/55074e9ee4b09422e47e9c6b/edit#> > *message* must match regular expression > *InboundMessageInformationLoader* > > Sample Alert condition > > - *Alert is triggered when there are more than 0 messages in the last > 10 minutes. Grace period: 0 minutes. Not including any messages in alert > notification.* > > > These alerts are being triggered , but only for some time like for a few > hours. After that the alerts wont be triggered and there are no errors in > graylog server's logs. > once the graylog server is restarted the alerts are triggered again. And > after some time they stop and should be restarted again. > > Sample Alert condition > On Monday, May 30, 2016 at 2:12:44 PM UTC+5:30, Rakesh R wrote: >> >> Hi, >> >> Graylog is setup properly and there seems to be some issue with the >> alerts being triggered. Test mails are working fine. The alerts are >> triggered from the streams when the server is restarted and after some time >> the alerts are not triggered. I have checked the configuration and >> everything is fine. Can some one help me. >> > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/b1a0bf20-d3cd-4faa-881d-409fe3d120d0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
