Added AppLocker log source

2020-07-13 20:29:13 +00:00
parent e376948258
commit 7fb2e2b845
1 changed files with 9 additions and 0 deletions
@@ -74,3 +74,12 @@ logsources:
    service: windefend
    conditions:
      LogName: 'Microsoft-Windows-Windows Defender/Operational'
+  windows-applocker:
+    product: windows
+    service: applocker
+    conditions:
+      LogName:
+        - 'Microsoft-Windows-AppLocker/MSI and Script'
+        - 'Microsoft-Windows-AppLocker/EXE and DLL'
+        - 'Microsoft-Windows-AppLocker/Packaged app-Deployment'
+        - 'Microsoft-Windows-AppLocker/Packaged app-Execution'