To determine if a Custom Rule is actively being used.

• App Control Agent: All Supported Versions
• App Control Console: All Supported Versions

For File Creation Control Rules

1. Log in to the Console and navigate to Rules > Software Rules > relevant Rule.
2. Verify the "Send Approval Event" box is checked.
3. Rule hits will now be shown in Reports > Events with:
   • Subtype: File Approved (Custom Rule)
   • Rule Name: <Relevant Rule>

For Execution Allow and Trusted Path Rules

1. Log in to the Console and navigate to Rules > Software Rules > Custom.
2. Locate the relevant Custom Rule, click View Details (pencil icon).
3. From the Custom Rule Details page > right hand side > Actions > Copy this rule...
   1. Specify a new Rule Name, Example: Report Executions of Accounting Software
   2. Uncheck Enable copied rule and click OK
4. After the copied Rule loads:
   1. Change the Execute Action: Report
   2. Verify all other details are accurate
   3. Change the Status: Enabled
5. Verify the Custom Rule for Reporting is ranked higher than the Custom Rule for Execution (Allow)
6. Rule hits will now be shown in Reports > Events with:
   • Subtype: Report Execution (Custom Rule)
   • Rule Name: <Relevant Rule>
7. Optional: Trigger only on Unapproved Files
   1. Enable the Advanced Section for Custom Rules
   2. Edit the saved Report Custom Rule and change the File State to Unapproved.

• These steps are beneficial when auditing for Custom Rule usage.
• Be sure to also review what Custom Rules should be avoided.