We've enabled Application Control in "Detect but allow to run" mode for pretty much everything to get a feel for what is out there - this has created a lot of events. Reporting "Alerts and events by item name" shows some applications that we want to investigate, but how can we drill down to see which client has raised a particular application event?
I had hoped I could create an SQL query but the database doesn't seem to have any Application Control tables...
This thread was automatically locked due to age.
Quote