Logic Monitor to create incident from audit log created by MS SQL servers in Windows event log

Referring to the ICFR Findings, ICFR auditors wanted us to have an audit log on Privilege Event happens in MS SQL servers. Below are the events that have been identified by our team and we are planning to log these events into Windows Event and having Logic Monitor to capture these events and create Incident in Service Now.

Privilege Event:

1. ALTER INSTANCE

2. ALTER DATABASE

3. CREATE/DROP DB

4. CREATE/DELETE LOGIN