Update to the Windows Log file

If I use
logrt[C:\logfolder\logfile20131210.log]
I will get contents of log in my latest data

However
If I use
logrt[C:\logfolder\logfile20131210.log,FAILURE]
I get nothing?
the file contains entries such as

2013-12-09 15:28:47 FAILURE Drive 0

I have searched the forums and read the manual "logrt[/path/to/some/filename_format,<regexp>,<encoding>,<maxlines>,<mo de>,<output>]"and based on the info believe it should look like the above or maybe even the below

logrt[C:\logfolder\logfile20131210.log,FAILURE,,skip,]

Any Ideas?

Cheers
Owenus

Update...

Any Pointers?

Working...now another question

Hi All
Got it working with this

logrt[C:\logfolder\logfile20131210.log,[FAILURE | ERROR],,,skip]

now can anyone shine some light on the {DATE} macro
I would like to modify the above to look something like

logrt[{$LOG_FILE},[FAILURE | ERROR],,,skip]

with a Global / Host user macro of
{$LOG_FILE} = C:\logfolder\logfile{DATE}.log
This I believe would result with

logrt[C:\logfolder\logfile2013.12.10.log,[FAILURE | ERROR],,,skip]

Is the any way for me to strip the dot's in the date format?
I will be monitoring this item via the active agent on a windows machine
would i need to add anythine to the agent.conf on the windows machine for the user macro?

Cheers
Owenus