Hi,
I need to develop throttling notification for Graylog-plugin. I am referring and using Correlation-count plugin. I want to develop such a condition which will send notification/alert in particular time interval e.g 30 min. so How to achieve this. I am posting scenario below:
Goal is to send first notification during particular time window
for example If frequency is set for every 30 minutes , in this case 30 minutes is window not interval
Window-1 - let’s say first alert gets generated at 10th minute, then ignore rest of alert in the same category for the next 20 minutes.
Window 2 - alert can generated at any time in this window send the first one and wait for window to expire
and so on…
can someone help me and guide me how to start with?