Missing alerts after the first alert #1356
Description
Acknowledgements
- I have searched (https://github.com/utmstack/UTMStack/issues) for past instances of this issue
- I have verified that my UTMStack version is up-to-date
Describe the bug
If I do something to cause an alert, then that alert arrives properly - the first time. However, if I do that same action again, the alert does not show up. The Log Explorer shows the event, but it seems like I must wait a certain amount of time before the same events will cause an alert again.
I do see a recent feature "#1167" that is titled "Intelligent Alert Deduplication to Minimize Alert Fatigue" which seems like it could potentially be part of this, but I have not been able to find any information on that.
Regression Issue
- Select this option if this issue appears to be a regression.
Expected Behavior
I expect to receive an alert every time a log event matches a rule.
Current Behavior
The logs matching a rule only generate an alert the first time they happen, then no more alerts are generated. Later, after some unknown amount of time has passed, another log entry will generate a rule but then it will stop again.
Reproduction Steps
Find a rule that you can easily trigger.
Trigger it.
Receive the alert.
Trigger it again.
No alert is received.
Possible Solution
Either confirm this is a bug or very specifically document the intended behavior.
Additional Information/Context
No response
UTMStack Version
10.9.1
Operating System and version
Ubuntu 22.04 LTS
Hypervisor and Version | Server Vendor and Model
Proxmox
Browser and version
Chrome 140