1.) In the console, under Authoring, Management Pack Objects, Rules, create a new rule
2.) Choose to create a Alert Generating Rules/Event Based/Generic Text Log (Alert), click next
3.) Input a rule name and choose rule target, click next
4.) Input a directory, for example C:\, input a pattern, for example logfile.log, click next
5.) Input the following expression,
Parameter Name = Params/Param[1]
Operator = Matches wildcard
Value = warning
click next
6.) Configure a suitable alert and then click create
Please note that this rule is case sensitive, so it will make difference between WARNING and warning.
As addressed by by Anders Bengtsson http://contoso.se/blog/?p=174
I read your statement but I am still not clear on how I would monitor a log file when a certain event happens.
I have a log file that will input sql or sql statements in the log when a certain event happens. How can I monitor that log when sql is placed in the log? Thanks