Hi,
I'm experiencing the same problem as @Anirudhan.
I've created a custom (very simple) rule on a custom index containing Fortinet logs and it is not generating signals (although many events exist). (See below)
As far as I understand, this is a different situation than in "Threshold rules not triggering on selfmade index"; in fact, threshold rules are working but custom queries are not.
Non-working Detection rule
When I create a threshold rule with the same query, events are generated.
Working Threshold rule
Thank you
Regards
Anna