alerts: 5.0.8/6.0.4 count noalert sigs towards built-in alert limit
Changes in alerting in 5.0.8/6.0.4 store
noalert sigs in the packet alert array before removing them when finalizing the alerts. This solved several issues (#4663, #4670), however it introduces a new issue.
noalert rules are used, for example for flowbit "setter" logic, these rules now consume space in the alert array, leaving less space for "real" alerts that should be outputted. Since there is a built-in limit of 15 (see #4207) its not hard to reach this limit.