One of my former teammates, Mark, designed and built a set of managed classes for generating audit from .NET applications (for example, consider a web service).  His work is published in the latest issue of MSDN magazine.

A lot of people aren't aware of this, but in Windows Server 2003 we added an API set that allowed application developers to generate security audit.

Of course, we've always had support for generating your own object access audit, but now we have a generic audit facility that's usable for other kinds of events.

For non-developers, when you're talking to application vendors about their products, just as you would demand integration with Windows' authentication for single sign on, you should consider demanding integration with Windows' audit facility for single point of monitoring.

Eric