From 94822e362d9abd14868ad88d8efdf57c07cc84cd Mon Sep 17 00:00:00 2001
From: admingit
Date: Mon, 23 Oct 2023 14:28:50 +0200
Subject: [PATCH] add

---
 .../Splunk_TA_microsoft_ad_FW_Other/default/eventtypes.conf | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/deployment-apps/Splunk_TA_microsoft_ad_FW_Other/default/eventtypes.conf b/deployment-apps/Splunk_TA_microsoft_ad_FW_Other/default/eventtypes.conf
index 978e5de3..069a6262 100644
--- a/deployment-apps/Splunk_TA_microsoft_ad_FW_Other/default/eventtypes.conf
+++ b/deployment-apps/Splunk_TA_microsoft_ad_FW_Other/default/eventtypes.conf
@@ -54,3 +54,7 @@ search = eventtype=admon objectCategory="*CN=Person*"
 [wineventlog_windows]
 search = eventtype=wineventlog_application OR eventtype=wineventlog_system OR eventtype=wineventlog_security OR eventtype=wineventlog-ds OR eventtype=wineventlog-dfs OR eventtype=wineventlog-keymanagement OR eventtype=wineventlog-filereplication OR eventtype=wineventlog-dns
 #tags = os windows
+
+[wineventlog_application]
+search = source=WinEventLog:Application OR source=WMI:WinEventLog:Application OR source=XmlWinEventLog:Application
+#tags = os windows
\ No newline at end of file
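Review bot: The new `[wineventlog_application]` search keys on `source=` alone, so any event carrying one of those three source names is classified as an Application-log event regardless of its sourcetype or index, and `wineventlog_windows` (which unions `eventtype=wineventlog_application` on the context line above) widens with it; if other inputs in this deployment ever reuse those source names, detections built on these eventtypes would start matching unrelated data. If the TA only ingests these channels under a known sourcetype, anchoring the search on that sourcetype as well, e.g. `search = sourcetype=<the TA's Windows event sourcetype> (source=WinEventLog:Application OR source=WMI:WinEventLog:Application OR source=XmlWinEventLog:Application)`, keeps the eventtype tied to the intended feed. Separately, `#tags = os windows` is commented out and `tags` is not an eventtypes.conf key in any case: tags for an eventtype live in tags.conf under a `[eventtype=wineventlog_application]` stanza, so if the `os`/`windows` tagging is intended it needs that entry, and if not the comment could be dropped rather than copied forward. The added stanza also lacks a trailing newline (`\ No newline at end of file`), which will show up as noise in the next diff that touches this file.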