Once again, your begging for problems by wanting to do it "the normal way". You will have many false alerts, have to maintain a lookup when adding new sources etc..
MetaWoot can monitor the tsidx files at the host level and make managing this much easier. Please upvote/accept if this answered your question
You can create a new alert using Settings > Searching, report and Alert section.
In the alert Serach, you can write a simple Search to get receive data in regard to the logs for the time frame of 2 days.
In the Alert Trigger Condition, check the Number of Results=0
And set the Trigger Action as Email and give the relevant details for the email alerts..
This won't scale at all.. What happens when you have 100TB/day deployment with millions of logs you're monitoring?