I'm interested in writing some code to query the Windows Event Log for specific error message contents, as described in this MSDN article. However, I'm not a big fan of the mechanic of basically hand-rolling XPATH or a custom event view in the code...is there a simpler way of doing this? A LINQ provider perhaps?
Answer 1:
You can create a custom view in Event Viewer and copy the generated XML. The schema is exactly the same.
The other option is to read the events one at a time and check their contents using string searches, XPATH or LINQ to XML. Obviously, not the most scalable solution, especially when querying remote servers.
Googling can turn up some samples that seem to be using LINQ to query the Event Log but they really just enumerate over all the entries. There doesn't seem to be any provider that will really convert a LINQ query to the proper XML and return the results.
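The server-side alternative this answer describes, as an added example that is not part of either answer: the XPath filter is passed to `EventLogQuery` so the Event Log service on the target machine does the filtering, and LINQ is applied only to the records that come back. The names `EventLogSearch` and `Query` are hypothetical, the 24-hour window is an assumption, and the machine name, event ID and message text are the placeholders used elsewhere on this page.

```csharp
using System;
using System.Collections.Generic;
using System.Diagnostics.Eventing.Reader;
using System.Linq;

static class EventLogSearch   // hypothetical helper, not from the page
{
    // Streams matching records. The XPath filter is evaluated by the Event Log
    // service on the target machine, so only matching events are returned.
    static IEnumerable<EventRecord> Query(string machine, string log, int eventId, TimeSpan window)
    {
        // Only typed values (int, long) are formatted into the query, so
        // caller-supplied strings can never change its structure.
        string xpath = string.Format(
            "*[System[(EventID={0}) and TimeCreated[timediff(@SystemTime) <= {1}]]]",
            eventId, (long)window.TotalMilliseconds);

        using (var session = new EventLogSession(machine))
        using (var reader = new EventLogReader(
            new EventLogQuery(log, PathType.LogName, xpath) { Session = session }))
        {
            for (EventRecord rec = reader.ReadEvent(); rec != null; rec = reader.ReadEvent())
                yield return rec;
        }
    }

    static void Main()
    {
        // Placeholder values; the one-day window is an assumption of this example.
        var hits = Query("REMOTE MACHINE NAME", "Security", 560, TimeSpan.FromDays(1))
            // Message text is matched client-side: the Event Log XPath subset
            // has no contains() function.
            .Where(r => (r.FormatDescription() ?? "").Contains("TEXT INSIDE THE MESSAGE"));

        foreach (EventRecord r in hits)
            using (r)
                Console.WriteLine("{0:u} {1} {2}", r.TimeCreated, r.Id, r.MachineName);
    }
}
```

Reading the Security log requires an account with rights to it on the target machine, such as an administrator or a member of Event Log Readers.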
Answer 2:
Maybe someone will find this useful...
I'm using LinqPad to query the Security Event Log on a remote machine. It works a little bit slowly but produces the result I need. The query I'm using:
    EventLog elog = new EventLog();
    elog.MachineName = "REMOTE MACHINE NAME";
    elog.Log = "Security";

    var query =
        from EventLogEntry e in elog.Entries
        where e.EventID == 560 // EVENT CODE (FILE DELETION IN MY CASE)
            && e.UserName == @"DOMAIN\USERNAME"
            && e.Message.Contains("TEXT INSIDE THE MESSAGE")
        select e;

    query.Dump();