With the "EventSentry Log File Monitoring" feature you can be alerted via email if specific text gets written to a file. In this HowTo, we will use the default "Log File > Windows Update" as an example but this can be used for any other log file monitoring package (existing or new).
This will generate an informational EVENT ID 8000 (unless the severity was changed in the last step). Create an include filter by clicking on "Event Logs" and selecting "Add Package" which can be labeled "Log File Monitoring", then right-click this package and select "Assign" (assign it to the host with the log file package you are trying to monitor) and then right-click on this package and select "Add Filter" and label this "Log File monitoring Alerts." You can click on this filter and enter the following information:
Once your settings are saved and pushed out to the host with the log file monitoring package, you'll receive an email alert when any text matches the inclusion created.
Configuring an alert for a log file