In all the examples used in this tutorial the same rules could be applied to an Exclude filter. In our Service Monitoring example, by changing the filter to an Exclude filter we would receive all service status changes except for W3SVC. This would be useful when most the events you are receiving are relevant, however you want to exclude the specific events you do not want to receive.
At this point we have filtered the messages text using wildcards in the Application log and the Security log. The practices demonstrated in these examples should be easily applied to other events you may be interested in receiving. Putting them to use will drastically improve the quality of useful events you receive from EventSentry.
If have any questions please refer to our online documentation at http://www.eventsentry.com/ as well as other online tutorials. We have also added several screencasts where our lead developer walks you through EventSentry's functionality.
Feel free to contact : support@netikus.net