Hi Graylog Community,
We are running Graylog V 2.4 (we know it's out of support officially).
When configuring a new Aggregate rule, we are unable to get any of the Triggered Aggregates to appear as Alerts, and as such no active alerts are e-mailed.
Some existing aggregates appear to work fine (but not all).
Does anyone have any input on what could be causing this? Our queries are pretty basic.
Testing the below aggregate, I can see multiple entries under our all messages stream, yet the aggregate won't trigger.
Appreciate your help!
Thanks