I eagerly awaited the Graylog version 2.2.2 with the Option for “Repeat notifications”, with the hope that the old Alert configuration from Graylog could be still used. This was necesarry for example in the Daily mails about Security-Events like Logins / File-Changes.
However, the defined “Grace Period” could not be considered, to this regard, the Daily Mail notifications could not be correctly configured.
For example, the following configuration caused that 15 Mail notifications were sent out for a single message in a stream;
Time Range: 15
Threshold Type: more than
Threshold: 0
Grace period: 15 minutes
Repeat notifications: true
The Grace period was completely ignored and the Alert sent out a notification with every evaluation.
My point of view is that this option should also take into account the Grace Period.
Please advise if I have gotten this completely false or if I have made my configurations wrong.
Is there an option to regularly send notifications regardless of the Alert status?
Hello, I am working on a project what would like Graylog to send a notification right when an alert is triggered instead of every minute. Is there a way to configure that? I noticed Graylog always sends notifications at the same second of every minute.
No, alerting is based on scheduled search queries running in a specific interval. While you can reduce the default interval of 60s, I would strongly advise against doing so:
,