Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Crypto-RSAEnh

Event ID 3

Message:

%{ErrorDescription}

 Process: 	%{ProcessName}
 User Storage Area: 	%{DesiredAccess}
 Container Name: 	%{UserStorageArea}
 MachineKeyset: 	%{FileName}
 Error code: 	%{Status}

Event Data:

# Name In Type
Out Type
1 ProcessName win:UnicodeString xs:string
2 MachineKeyset win:Boolean xs:boolean
3 DesiredAccess win:UInt32 xs:unsignedInt
4 UserStorageArea win:UnicodeString xs:string
5 FileName win:UnicodeString xs:string
6 Status win:UInt32 xs:unsignedInt
7 ErrorDescription win:UnicodeString xs:string

Observed Windows Versions:

Version: 0

Fingerprint: NXORQEGQCQPDI