Alert conditions

Hello Evgeniy,

Which version of Graylog are you using? With version 2.2 (and the 2.2-beta versions), Graylog switched the alerting system to stateful alerts/notifications. This means a triggered alert will only send one notification (email) and wait until it has been cleared to generate a new notification. See this: “With the new stateful notifications, you will not be notified again until the alert condition is no longer satisfied.” on the Graylog blog.

Since you are looking for the message count being larger than 0 in the stream, this alert condition could stay satisfied for a long time.

As far as I know, there is no plugin available that acts as an output and sends the messages in emails. This could be an idea for a new plugin; I might look into it when I’ve got time :slight_smile:
You could try the Aggregates Plugin since this uses a custom timing cycle…