You are getting DENY on PROCESS class _default resource like this /usr/bin/udevadm


Article ID: 417181


Products

CA Privileged Access Manager (PAM)

Issue/Introduction

On a new install of PAMSC, you are getting several DENY events on the PROCESS class _default resource, like this one:

24 Oct 2025 17:26:43 D PROCESS      root       Attach   1069  2 /usr/bin/udevadm     /usr/bin/udevadm                       root

Event type: Resource access
Status: Denied
Class: PROCESS
Resource: /usr/bin/udevadm
Access: Attach
User name: root
Program: /usr/bin/udevadm
Date: 24 Oct 2025
Time: 17:26
Details: No rule granting access to _default record
User Logon Session ID: 68fb99fa:00000102

You are not actually using the PROCESS class, and you don't have any other ACL in this class apart from _default.

Environment

PAM client 14.1 VeRsIoN: 14.10.70.116 + DE645522 on a Red Hat Enterprise Linux release 9.2 (Plow)

Cause


From PIM's perspective, a kill is actually issued to the process /usr/bin/udevadm. The kill could come from the system or from the parent process of /usr/bin/udevadm.

SEOS_syscall intercepts the kill() and PIM doesn't allow the kill; this is why we got the denial audit log.

PIM's understanding is that it is a "problem" from the application /usr/bin/udevadm itself. It may not be a "problem", but the kill signal is from /usr/bin/udevadm itself. PIM intercepted the "kill" signal, and that is how we got the audit logs.

Resolution

You need to add the program /usr/bin/udevadm as a SPECIALPGM:

nr SPECIALPGM /usr/bin/udevadm pgmtype(all)
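
The Cause section describes a program signalling itself, which appears in the audit record as Resource equal to Program. The following added example (not part of the original article or the product) separates such self-signal denials from denials where a different program targeted the process, so only the former are considered for SPECIALPGM. It assumes the detailed audit records have been exported as text with a blank line between records; the sample records and the path /opt/example/tool are constructed.

```python
from collections import Counter

# Constructed sample using fields from the detailed record layout shown above;
# the second record (a different program targeting sshd) is invented for contrast.
SAMPLE = """\
Status: Denied
Class: PROCESS
Resource: /usr/bin/udevadm
Program: /usr/bin/udevadm
Details: No rule granting access to _default record

Status: Denied
Class: PROCESS
Resource: /usr/sbin/sshd
Program: /opt/example/tool
Details: No rule granting access to _default record
"""

def parse_records(text):
    """Split blank-line-separated 'Key: value' blocks into dicts."""
    records = []
    for block in text.strip().split("\n\n"):
        rec = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")  # first colon only
            if sep:
                rec[key.strip()] = value.strip()
        if rec:
            records.append(rec)
    return records

def triage(records):
    """Count _default PROCESS denials, split by whether target == caller."""
    self_sig, cross = Counter(), Counter()
    for r in records:
        if (r.get("Class") != "PROCESS" or r.get("Status") != "Denied"
                or "_default" not in r.get("Details", "")):
            continue
        target, caller = r.get("Resource"), r.get("Program")
        if target == caller:
            self_sig[target] += 1            # matches the case in this article
        else:
            cross[(caller, target)] += 1     # review before any exemption
    return self_sig, cross

if __name__ == "__main__":
    self_sig, cross = triage(parse_records(SAMPLE))
    print("self-signal:", dict(self_sig))
    print("cross-process (review first):", dict(cross))
```
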