Graylog: Send a notification containing a list of matching events of a given timespan instead of seperate notifications for each event

gsmith · January 13, 2023, 10:30pm

This statment does not match you configurations shown in that screen shot.

Here is a demo perhaps it might help.

EXAMPLE:

Search for “Level:<4”
In stream “all Messages”
Execute a search Ever 24 hours, THEN search the past 24 hours
Create Event IF the count is greater then 0 in the stream called “All messages”, ALERT.
Notification , Grace Period is set to 1 day. So ever DAY send a notification but only Only 10 messages

Topic		Replies	Views
Graylog 4.1.5 - Notifications - One Mail per Event - No Backlog Graylog Central (peer support)	8	905	November 3, 2021
Aggregating Events for Notification Graylog Central (peer support)	3	875	April 1, 2021
[SOLVED] Event notifications not sending aggregated logs Graylog Central (peer support)	3	1390	December 2, 2022
Graylog 3.3.5 - Some messages in stream do not generate event and notification Graylog Central (peer support)	15	2161	April 9, 2021
Notifications being sent too frequently Graylog Central (peer support)	10	1366	January 31, 2020