I am using Elasticsearch and ElastAlert to send simple alerts to my Slack channel.
Everything was fine until I started using aggregation, and now it says that alert_sent:false.
I read some questions about aggregation not alerting. Is there a way to do it anyway?
Because when I'm using the --save-json FILENAME option, all related alerts are there!
But still, I need to be able to send that alert. It used to work once; I can't remember what I did, but I received 1 alert containing 2 events on Slack.