Filtering Events

${Authorization} = "user"

[not] [(]${event_attribute} comparison_operatorfilter_value[)] [boolean_operator (${event_attribute} comparison_operatorfilter_value)...]

[not] (${ServiceUser} equals "oauser")
(${ClientInfo} contains "196.72") and (${RowsFetched} > 1000)
(${Statement} contains "insert") and (${ReturnCode} != 0)
(${Statement} contains "insert" and (${ReturnCode} = -1 or ${ReturnCode} = -2)
${timestamp} > "2007-06-26 02:00:00"