This is the log when intending to start an application with a window that is prohibited from startup in the client (CT). When starting an application without a window, the application startup prohibition log cannot be collected.
The application startup prohibition log without a window displayed (but with an invisible window) will be collected.

When collecting the application startup prohibition log, whether the unnecessary application to the business, one that is prohibited to be used, has attempted to be started and the person who started the application that might cause information disclosure can be known. Whether the system is being used according to the rules can be judged.

Set policy in the Terminal Initial Settings window, the User Policy Settings window or the window after the Management Console is started (CT policy settings window).
Set the name of the application that is prohibited from startup in Application.

The following log content can be viewed:

Name: name of the client (CT)

Occurrence Date and Time: time for collecting logs at client (CT)

User ID: logon user name of the client (CT)

Domain Name: it is the domain name of the client (CT) when logging on to domain while it is the computer name of the client (CT) when logging on to local computer

Type: Application Startup Prohibition (fixed value)

Classification: violation

Attachment: (not displayed)

Content: the following content is displayed:

• Name of the prohibited application (*1)

• Prohibition processing (Ended by force)

• Prohibition results (Succeeded or Failed)

Example of Content:

Startup of [calc][Ended by force]. Result: [Succeeded]

*1: When performing keyword search in Log Viewer, it can be specified as keyword.

Note: The content below is displayed.

• Process ID (*1)

• Parent process ID (*1)

• Argument (*1)

  Example of Note:

  Process ID:[3182],Parent Process ID[5032],Parameter:[C:\Windows\notepad.exe D:\Individual information.txt]

  *1: Can be specified as a keyword when performing a keyword search in the Log Viewer.