I made sure I used a process for a proprietary application that would not be on the white list and this is still not working.
Also, though I don't know if wildcards are supported here, I added a truscan process exception with the name "*" and still I get nothing logged.
How else can I troubleshoot why this isn't working? I updated the policy on the client and even rebooted just to be sure it was getting applied (checked the serial as well).