I have the same exact issue.
It is quite surprising that a simple regex like *$* is not parsed by LEM.
I am trying to build a Files Deleted nDepth filter, and while I have narrowed it pretty well by using the SolarWinds FIM connector, it is infuriating when you see temporary open files that have ~$ characters at start of filenames, not get parsed by any regex.
Regadless of what you put: *$*, *~$* or *\~$*, they all get ignored.
The results still have FileName field populated with bunch of entries like: D:\path\~$Excel-Spreadsheet.xlsx
Can anyone from SolarWinds support shane.horgan clarify on this ?
Thanks