I’ve managed to set an alert that gets triggered when a user fails its login 3 times in 1 minute (just test values). i get alerted. 1 minute later, the unresolved alert is solved and i didn’t even see it… please someone tell me how i can keep the unresolved alert up until i have checked it out and seen where it comes from etc… is there any way to get the unresolved alert written in a file so i can look at it when it’s been automatically resolved?
you might want to read this part of the documentation:
https://docs.graylog.org/en/3.2/pages/alerting/alerting-by-example.html
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.