Object Access: Audit Application Generated
|ID: oval:org.secpod.oval:def:14799||Date: (C)2013-08-13 (M)2017-10-26|
|Class: COMPLIANCE||Family: windows|
This policy setting allows you to audit applications that generate events using the Windows Auditing application programming interfaces (APIs). Applications designed to use the Windows Auditing API use this subcategory to log auditing events related to their function.
Events in this subcategory include:
Creation of an application client context.
Deletion of an application client context.
Initialization of an application client context.
Other application operations using the Windows Auditing APIs.
Volume: Depends on the applications that are generating them.
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Object Access\Audit Application Generated
(2) REG: INFO NOT AVAILABLE
|Microsoft Windows 7|