q1: You can find the alerts in your system by going to "Settings" > "Searches, Reports and Alerts". From this list, you should set Type, App and Owner filters to "All" so you can find your alerts. Now you can edit, enable and disable the alert.
To learn more about alerts, watch this quick youtube video made by the Splunk Education team:
https://www.youtube.com/watch?v=0REbozaALX0
q2: There is a sample search included in Splunk Security Essentials https://splunkbase.splunk.com/app/3435/ which has a basic search for detecting brute force login attempts. This is starting search you could try and use:
index=* (source=win*security OR sourcetype=linux_secure OR tag=authentication) user=* user!=""
| stats count(eval(action="success")) as successes count(eval(action="failure")) as failures by src dest
| where successes>0 AND failures>100
... View more