We want to use Linux audit type SERVICE_START/STOP for our application
running as a service.
But I am not able to find an example of how to use auditctl to define the
rule. It seems to me that all the examples are of rules defined for
system_calls. Questions:
1. Can I use audit type SERVICE_START/STOP for my application that runs as
a service? Or would it be considered as type USR_CMD?
2. How do I use auditctl to define a rule for SERVICE_START/STOP? Can you
direct/point me to a URL/documentation where it is documented?
Thanks.
Gisela Cheng
giselac(a)us.ibm.com