You can configure all rules contained within a specified rule collection to only audit activity but not enforce rules. This may be useful if you want to test new rules before they are deployed.

A associação ao grupo Administradores local, ou equivalente, é o mínimo necessário para concluir este procedimento.

To configure audit-only mode
  1. Click Start, type secpol.msc in the Search programs and files box, and then press ENTER. You can also:

    1. Click Start, and then click Control Panel.

    2. Click System and Security, and then click Administrative Tools.

    3. Double-click Local Security Policy.

  2. Se a caixa de diálogo Controle de Conta de Usuário for exibida, confirme que a ação exibida é a desejada e clique em Sim.

  3. In the console tree, double-click Application Control Policies, right-click AppLocker, and then click Properties.

  4. On the Enforcement tab, select the Configured check box for the appropriate rule collection, and then select Audit only in the list for that rule collection.

  5. Repeat step 4 to configure additional rule collections.

  6. Click OK.

Additional references