It would be helpful if the SIEM agent on Windows ingested logs relating to App Control and AppLocker.
These are located in:
Applications and Services Logs - Microsoft - Windows - CodeIntegrity
and
Applications and Services Logs - Microsoft - Windows - AppLocker
A more generalized version of this request is for us to be able to create templates or otherwise control which of the many Windows event logs we want to capture on a per-client basis.