Hi,
I have very odd situation, all but one realtime alert are working fine. One alert which flags up the 404s works for a few minutes after splunk restart and then it stops sending emails. Neither python.log nor scheduler.log shows any sort of errors. It looks like an alert would never be triggered, however when I open the search result i can observer that search actually works.
... View more