Disable Enforcement of the Enhance Security Event Logging policy for File System and Registry Auditing Subcategories
Some environments need to have auditing enabled for Registry and File System. Use this registry entry to prevent Third Wall policy Enhance Security Event Logging from disabling these settings when applied.
You can disable Third Wall’s enforcement of the Registry and File System audit settings with the Enhance Security Event Logging policy by creating a Reg_SZ string value named ModifiedESEL in:
HKEY_LOCAL_MACHINE\SOFTWARE\LabTech\Plugins\ThirdWall\store
and setting the value data to “True” without the quotes.