ElastAlert2 frequency rule getting no hits
I am new to Elasticsearch and ElastAlert, and I am facing the following issue. I am trying to create my first rule and alert. I configured a frequency alert, but I did not get a hit.
The rule configuration file is this:
name: Email Auto download
type: frequency
index: gr-winlogbeat-*
num_events: 3
timeframe:
  hours: 1
timestamp_field: "@timestamp"
filter:
  - term:
      winlog.provider_name: "Email Auto Download Service"
alert:
  - "email"
email:
  - "[email protected]"
Here is my Kibana dashboard: [image: kibana]
And the ElastAlert output: [image: output1]
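As an added illustration (not part of the question or of ElastAlert2's own code), here is a small Python model of what the rule above asks ElastAlert2 to do: keep only documents whose winlog.provider_name is exactly the configured value, and fire once num_events of them fall inside a sliding window of length timeframe. The event records are constructed, and the window handling is a simplification of ElastAlert2's frequency rule.

```python
from datetime import datetime, timedelta

# Rule values taken from the question's YAML; the index and e-mail address are
# the poster's and are not needed to model the matching logic.
RULE = {
    "type": "frequency",
    "num_events": 3,
    "timeframe": timedelta(hours=1),
    "timestamp_field": "@timestamp",
    "filter": [{"term": {"winlog.provider_name": "Email Auto Download Service"}}],
}

def parse_ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")

def get_path(doc, dotted):
    """Resolve a 'winlog.provider_name'-style path against a nested dict; None if absent."""
    value = doc
    for part in dotted.split("."):
        value = value.get(part) if isinstance(value, dict) else None
    return value

def matches_filter(doc, filters):
    """A term clause is an exact, case-sensitive comparison of the whole stored value."""
    return all(get_path(doc, field) == expected
               for clause in filters for field, expected in clause["term"].items())

def frequency_hits(docs, rule):
    """Timestamps at which the rule fires: num_events matching docs within timeframe.
    As in ElastAlert2, the window is cleared after an alert so one burst yields one alert."""
    ts_field = rule["timestamp_field"]
    matched = sorted(parse_ts(d[ts_field]) for d in docs if matches_filter(d, rule["filter"]))
    fired, window = [], []
    for ts in matched:
        window = [t for t in window if ts - t <= rule["timeframe"]] + [ts]
        if len(window) >= rule["num_events"]:
            fired.append(ts)
            window = []
    return fired

# Constructed winlogbeat-style events (not real log data): three exact matches within
# one hour, one from another provider, one differing only in case, one two hours later.
SAMPLE_DOCS = [
    {"@timestamp": "2023-05-01T10:00:00Z", "winlog": {"provider_name": "Email Auto Download Service"}},
    {"@timestamp": "2023-05-01T10:05:00Z", "winlog": {"provider_name": "Service Control Manager"}},
    {"@timestamp": "2023-05-01T10:20:00Z", "winlog": {"provider_name": "Email Auto Download Service"}},
    {"@timestamp": "2023-05-01T10:40:00Z", "winlog": {"provider_name": "email auto download service"}},
    {"@timestamp": "2023-05-01T10:50:00Z", "winlog": {"provider_name": "Email Auto Download Service"}},
    {"@timestamp": "2023-05-01T13:00:00Z", "winlog": {"provider_name": "Email Auto Download Service"}},
]

if __name__ == "__main__":
    for ts in frequency_hits(SAMPLE_DOCS, RULE):
        print("alert would fire at", ts.isoformat())
```

Running it fires exactly once, at the third exact match (10:50); the case-variant document and the event two hours later do not contribute.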
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow