Hi,
I'm running 7.8.0 on a 3 node cluster. I have an Alert configured for HDD usage against system.filesystem.used.pct for anything that is greater than or equal to 0.8 (80%).
The alert is configured to check every 5 minutes based on the last 1 minute of index data. This works and I get alerts which are configured to an alert per agent.hostname
The alert if set to 'Notify Every' 5 hours so in theory if the alert isn't resolved I should not get an alert for 5 hours.
The issue is that the alert is triggering every time it runs the check so im receiving an email for the alert every 5 minutes despite the Notify Every being set to 5 hours.
Has anyone had a similar issue, or is there a problem with the my configuration in which it thinks it's a new alert?