I have noticed a high number of file audit failure as a result of the process names below (specifically symantec AV).
Anyone experiencing the same events? This is also triggering the "file audit failure with restricted information inference".
I can whitelist the process names but i want to make sure the file audit failures are fixed.
|ExtraneousInfo||ProcessName: C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe|