Dear community,
is there a possibility to auto-acknowledge elastic alerts and not send out duplicate emails if already an email was sent out for a specific log source or error string?
There is the possibility to set the watcher to wait a specific period of time to alert again, but I am interested in a solution to send out for error strings from unique log source just once and auto acknowledge the others for eg. 1 day.
Thanks