The following alert does not trigger in both time and frequency.
The goal was a check every 10 minutes for the last 10 minutes,  but although I performed several tests and the data were there  (alert's search verified) - I could see a single record on form "Triggered Alerts"
only after 16 hours.
Spunk is 7.1

[Access Control Errors]
alert.severity = 4
alert.suppress = 0
alert.track = 1
counttype = number of events
cron_schedule = 0 * * * *
description = Access Control Errors
dispatch.earliest_time = -10m
dispatch.latest_time = now
display.general.type = statistics
display.page.search.tab = statistics
enableSched = 1
quantity = 0
relation = greater than
request.ui_dispatch_app = omega_core_audit
request.ui_dispatch_view = search
search = `mc_unf_md` | search SEO_ACC=1 RETURNCODE!=0

the same alert (and with data from same program) works OK on Splunk 6.4
and with an 1 hour frequency, and with an e-mail action

[Omega CA Access Control Errors]
action.email = 1
action.email.include.trigger_time = 1
action.email.inline = 1
action.email.sendresults = 1
action.email.to = altin.karaulli@unionbank.al
action.email.useNSSubject = 1
alert.suppress = 0
alert.track = 0
counttype = number of events
cron_schedule = 0 * * * *
description = Omega CA Access Control Errors
dispatch.earliest_time = -1h
dispatch.latest_time = now
display.events.fields = ["host","source","sourcetype","ACTION_ID","ACTION_NAME","USERNAME","USERHOST","OS_PROCESS","OBJECT_NAME","DB_NAME","POLICY_TYPE_CODE","OS_USER","RETURNCODE","TERMINAL"]
display.events.type = table
enableSched = 1
quantity = 0
relation = greater than
request.ui_dispatch_app = omega_core_audit
request.ui_dispatch_view = search
search = index=omega_ca SEO_ACC=1 RETURNCODE!=0

Is there anything wrong in the first 7.1 triggered alert case?

best regards
Altin