Hello!
I have the following scenario: I integrated Elasticsearch with another software via Webhook. The main idea of the integration is for Elastic to trigger events to this other software if a synthetic test fails more than X times within a given timeframe.
The problem is that Elastic is sending events to the Webhook even when the rule is not met; it just takes a few failures in the synthetic test for it to trigger the event.
Additionally, even after setting the alerts to snooze, the event is still triggered. Attached are pictures of the alert rules and the event triggers.
