How to add an exclude/include filter

Adding an Include (Step 3 of 7)

Including an event

Provided you want to be notified when this event occurs, we will have to setup an include filter to match this event and subsequently forward it to a target.

You can manually create a filter by right-clicking a filter package, selecting "Add Filter" and then specifying the filter conditions. However, when looking to include specific events, such as when notepad is launched, EventSentry provides two quick alternatives to manually entering the event details.

After having located the event in the EventSentry event log viewer, right-click the event and select "Add Include Filter"

Or when viewing the event details, simply click the Include icon circled in green in the screenshot below:

1. Finding an event
2. Start with an Example
3. Adding an Include
4. Assigning the Include
5. Fine Tuning
6. Configuring the Filter
7. Conclusion
All Tutorials

Updated on: 2018-09-13
Skill Level: Beginner
LEFT/RIGHT arrow keys for navigation