Hi Ajay, On Wednesday, 7 September 2016 05:20:15 UTC+2, Ajay Kumar wrote: > > Just out of curiosity, is it a limitation by design or intentionally > feature is kept like that?
It's a current design limitation. Alerts are being generated by periodically running Elasticsearch queries (default: 60s) over a given time window, so it's always possible that there are multiple "hits" within this period. Cheers, Jochen -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/f4b9a33e-726a-40e5-a818-c32de7ad3b41%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
