| title | description | ms.assetid | ms.reviewer | manager | ms.author | ms.pagetype | ms.prod | ms.mktglfcycl | ms.sitesec | ms.localizationpriority | author | ms.date |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
Audit Application Generated (Windows 10) |
The policy setting, Audit Application Generated, determines if audit events are generated when applications attempt to use the Windows Auditing APIs. |
6c58a365-b25b-42b8-98ab-819002e31871 |
dansimp |
dansimp |
security |
w10 |
deploy |
library |
none |
dansimp |
04/19/2017 |
Applies to
- Windows 10
- Windows Server 2016
Audit Application Generated generates events for actions related to Authorization Manager applications.
Audit Application Generated subcategory is out of scope of this document, because Authorization Manager is very rarely in use and it is deprecated starting from Windows Server 2012.
| Computer Type | General Success | General Failure | Stronger Success | Stronger Failure | Comments |
|---|---|---|---|---|---|
| Domain Controller | IF | IF | IF | IF | IF – if you use Authorization Manager in your environment and you need to monitor events related to Authorization Manager applications, enable this subcategory. |
| Member Server | IF | IF | IF | IF | IF – if you use Authorization Manager in your environment and you need to monitor events related to Authorization Manager applications, enable this subcategory. |
| Workstation | IF | IF | IF | IF | IF – if you use Authorization Manager in your environment and you need to monitor events related to Authorization Manager applications, enable this subcategory. |
Events List:
-
4665: An attempt was made to create an application client context.
-
4666: An application attempted an operation.
-
4667: An application client context was deleted.
-
4668: An application was initialized.