and oddly, that's also what you filter by to retrieve the Tamper Protection logs. Strange innit? Of all the places to put it...
That being the case, the theory is that configuring notifications for the "Application Control" events may give me an email whenever a Tamper Protection event occurs, but it also means I'd get spammed by everything else "Application Control" related
Sooo, it's a possible resoltuion but far from ideal.