Hi Ajay, On Wednesday, 7 September 2016 05:20:15 UTC+2, Ajay Kumar wrote: > > Just out of curiosity, is it a limitation by design or intentionally > feature is kept like that?
It's a current design limitation. Alerts are being generated by periodically running Elasticsearch queries (default: 60s) over a given time window, so it's always possible that there are multiple "hits" within this period. Cheers, Jochen -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/f4b9a33e-726a-40e5-a818-c32de7ad3b41%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
