How can I create a alert that checks for the last events?
For example I might collect 36 documents of the same event but the timestamp is different. I don't really care about the all the events because it might create spam. Like 36 alerts is not as useful, but 1 alert with the latest event is . OR is there a way to create aggregations in log threshold alerts?