I am not sure what you mean by "different email" and it started working. Did you change the email address of the administrator?

In any case, Xeams won't generate alerts for every entry attempt. The intrusion detection logs simply lists abnormal connections - not necessarily attacks. Instead, refer to InvalidPasswordAttempts.log to see who is trying to guess passwords. Xeams will generate alerts if it detects too many invalid password attempts from a single IP.