Signing an audit App Control for Business (WDAC) Policy Doesn't Log Events?

  • Thread starter Thread starter The Cyber Warden
  • Start date Start date
T

The Cyber Warden

Guest
Hello,We have several App Control for Business policies deployed on our fleet of machines, several of them are signed and enforced.We had one policy in audit mode (unsigned), and the Code Integrity logs for this policy came in just fine. No issues for months.We decided to sign it and leave it in audit mode -- however, signing the audit policy caused events to not be logged anymore.We've verified that the policy is "signed","authorized", and "enforced" using the CiTool.Can someone confirm that signed, audit, app control policies should be logging things?Thanks!

Continue reading...
 
You must log in or register to reply here.

Similar threads

T
Signing an audit App Control for Business (WDAC) Policy Doesn't Log Events?
Replies
0
Views
1
The Cyber Warden
T
T
Signing an audit App Control for Business (WDAC) Policy Doesn't Log Events?
Replies
0
Views
1
The Cyber Warden
T
B
Releasing Windows 11 Build 22621.2066 to the Release Preview Channel
Replies
0
Views
7
Brandon LeBlanc
B
B
Releasing Windows 11 Build 22000.1879 to the Release Preview Channel
Replies
0
Views
7
Brandon LeBlanc
B
B
Releasing Windows 11 Build 22621.1631 to the Release Preview Channel
Replies
0
Views
8
Brandon LeBlanc
B
Back
Top