Hi,
I would like to setup an alert so that if there are any Error logs (stringLevel:Error) within the last 24 hours, graylog will send a single slack messge and include the messages in that query under the same alert notification in the backlog. At the moment, im getting 30 event messages (1 backlog per event) for 30 Error logs. What do I need to do to set this up?
(Graylog 4.0)
Thanks team!
Mason