How to filter Windows Server event by level

Hi, I install NXLog Enterprise Edition v5 trial And try to filter out events before send to SIEM. I can get some events and see SIEM side. But when I create fake event , cannot see all. What I want? I want to forward Windows server APP, SEC ve SYS logs that have only WARNING,ERROR and CRITICAL levels in CEF format Is that config part correct?

AskedMarch 7, 2022 - 9:46am

CEF Severity Value Not getting Parsed Properly

I am following the CEF documentation from here

In this its written that
`Severity is a string or integer and reflects the importance of the event. The valid string values are
Unknown, Low, Medium, High, and Very-High. The valid integer values are 0-3=Low, 4-6=Medium,
7- 8=High, and 9-10=Very-High.`

AskedMay 2, 2019 - 2:18pm