A fundamental component of SQL Server is the security layer. A principle player in security in SQL Server comes via principals.
The use of SQL Audit can be viable to track the changes that may be occurring within your SQL Server – from a settings point of view
Altering an Extended Event session is not necessarily a difficult task, but it is a very useful ability. Having this basic skill in your wheelhouse can be very positive and useful for you!
One of the more useful troubleshooting tools (granted when used properly and not with a knee jerk approach) is waits. There are waits in SQL Server that are very specific to Extended Events.
Explore the little function called sys.fn_MSxe_read_event_stream and discover just a little bit more of what Extended Events may be doing behind the scenes with the live data viewer.
I have a few gems that are available to you in the GUI. These gems should help solidify your understanding of the tools available through the GUI to help work with Extended Events
Explore how to customize the view of the GUI for working with XEvent Log files or XEL files. This further customization does include working with filters.