When connected to client via DeviceLock Management Console, the Audit Log Viewer module displays no new records, or is empty. Scanning a computer with 'Audit Log Viewer' plug-in of DeviceLock Enterprise Manager displays 'Log is empty' message or does not contain new records.
The issue indicates that the 'Audit Log Type' parameter has been configured incorrectly. There are two types of Audit Log in DeviceLock: 1. Event Log, and 2. DeviceLock Log. The first one is used for logging events locally, while the second one is sent to DeviceLock Enterprise Server and its data is not displayed in the Audit Log when connected to a client via DeviceLock Management Console or DeviceLock Enterprise Manager.
To view audit log on each client computer, the 'Event Log' type should be used. Make sure the 'Audit Log Type' parameter in 'Service Options' -> 'Auditing & Shadowing' is set to 'Event Log', or to 'Event Log & DeviceLock Log'.