deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 05:47:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/keep-secure/audit-application-generated.md
Brian Lich fa5ddfcf9d changing from ms.prod: W10 to ms.prod: w10
2016-06-02 15:42:37 -07:00

39 lines
3.1 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: Audit Application Generated (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Application Generated, which determines whether the operating system generates audit events when applications attempt to use the Windows Auditing application programming interfaces (APIs).
ms.assetid: 6c58a365-b25b-42b8-98ab-819002e31871
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh
---
# Audit Application Generated
**Applies to**
- Windows 10
- Windows Server 2016
Audit Application Generated generates events for actions related to Authorization Manager [applications](https://technet.microsoft.com/en-us/library/cc770563.aspx).
Audit Application Generated subcategory is out of scope of this document, because [Authorization Manager](https://technet.microsoft.com/en-us/library/cc726036.aspx) is very rarely in use and it is deprecated starting from Windows Server 2012.
| Computer Type | General Success | General Failure | Stronger Success | Stronger Failure | Comments |
|-------------------|-----------------|-----------------|------------------|------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Domain Controller | IF | IF | IF | IF | IF if you use [Authorization Manager](https://technet.microsoft.com/en-us/library/cc726036.aspx) in your environment and you need to monitor events related to Authorization Manager [applications](https://technet.microsoft.com/en-us/library/cc770563.aspx), enable this subcategory. |
| Member Server | IF | IF | IF | IF | IF if you use [Authorization Manager](https://technet.microsoft.com/en-us/library/cc726036.aspx) in your environment and you need to monitor events related to Authorization Manager [applications](https://technet.microsoft.com/en-us/library/cc770563.aspx), enable this subcategory. |
| Workstation | IF | IF | IF | IF | IF if you use [Authorization Manager](https://technet.microsoft.com/en-us/library/cc726036.aspx) in your environment and you need to monitor events related to Authorization Manager [applications](https://technet.microsoft.com/en-us/library/cc770563.aspx), enable this subcategory. |
**Events List:**
## 4665: An attempt was made to create an application client context.
## 4666: An application attempted an operation.
## 4667: An application client context was deleted.
## 4668: An application was initialized.
Reference in New Issue View Git Blame Copy Permalink