add

deployment-apps/Splunk_TA_microsoft_ad_FW_Other/default/eventtypes.conf

@@ -54,3 +54,7 @@ search = eventtype=admon objectCategory="*CN=Person*"
 [wineventlog_windows]
 search = eventtype=wineventlog_application OR eventtype=wineventlog_system OR eventtype=wineventlog_security OR eventtype=wineventlog-ds OR eventtype=wineventlog-dfs OR eventtype=wineventlog-keymanagement OR eventtype=wineventlog-filereplication OR eventtype=wineventlog-dns
 #tags = os windows
+
+[wineventlog_application]
+search = source=WinEventLog:Application OR source=WMI:WinEventLog:Application OR source=XmlWinEventLog:Application
+#tags = os windows