kibana elastalert

In Elastalert schedule interval option is missing


In Kibana watcher alerts it's possible to fully control the alert schedule using trigger.

{
  "trigger": {
    "schedule": {
      "interval": "2m"
    }
  },

However, in ElastAlert there is no dedicated feature; the only option is to use aggregation, which aggregates alerts and sends them:

aggregation:
  hours: 2

There is an open issue: https://github.com/Yelp/elastalert/issues/1895. If someone knows any viable way or a hack to solve this, please let me know.


Solution

  • In ElastAlert v0.2.2, they have provided a limit_execution feature. In it we can define a cron expression. Since I wanted to run every 15 minutes, I used 0/15 * * * *.

     limit_execution: "0/15 * * * *"
    
    Further reading:
     Refer: https://github.com/Yelp/elastalert/issues/492
     Release notes: https://github.com/Yelp/elastalert/blob/master/changelog.md
     Free online cron expression validator: https://crontab.cronhub.io/
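
An offline way to check which minutes a limit_execution expression such as 0/15 * * * * selects, so that gaps in a detection rule's schedule are visible before deployment. This is an added example, not code from the answer or from ElastAlert. It assumes that a/n means "from a to the field maximum, every n", and the helper names and the start time are constructed for illustration.

```python
from datetime import datetime, timedelta

# Allowed range per field: minute, hour, day-of-month, month, day-of-week
RANGES = [(0, 59), (0, 23), (1, 31), (1, 12), (0, 6)]


def expand_field(field, lo, hi):
    """Expand '*', 'a', 'a-b', 'a/n', '*/n', 'a-b/n' and comma lists to a set."""
    values = set()
    for part in field.split(","):
        base, _, step = part.partition("/")
        step = int(step) if step else 1
        if step < 1:
            raise ValueError(f"bad step in {part!r}")
        if base == "*":
            start, end = lo, hi
        elif "-" in base:
            start, end = (int(x) for x in base.split("-"))
        else:
            start = int(base)
            # Assumption: 'a/n' runs from a to the field maximum in steps of n
            end = hi if "/" in part else start
        if not (lo <= start <= end <= hi):
            raise ValueError(f"{part!r} outside {lo}-{hi}")
        values.update(range(start, end + 1, step))
    return values


def parse_cron(expr):
    fields = expr.split()
    if len(fields) != 5:
        raise ValueError("expected 5 fields: minute hour dom month dow")
    return [expand_field(f, lo, hi) for f, (lo, hi) in zip(fields, RANGES)]


def next_runs(expr, start, count):
    """Next `count` minute-aligned datetimes after `start` that match expr.
    Simplification: day-of-month and day-of-week must both match."""
    sets = parse_cron(expr)
    t = start.replace(second=0, microsecond=0)
    runs = []
    while len(runs) < count:
        t += timedelta(minutes=1)
        # cron uses 0 = Sunday; isoweekday() uses 7 = Sunday
        now = (t.minute, t.hour, t.day, t.month, t.isoweekday() % 7)
        if all(v in s for v, s in zip(now, sets)):
            runs.append(t)
    return runs


# Constructed start time, not taken from the page
print(next_runs("0/15 * * * *", datetime(2024, 1, 1, 10, 7), 4))
```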