Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Crypto-RSAEnh

Event ID 8

Message:

%{ErrorDescription}

 Process: 	%{ProcessName}
 File Path: 	%{FilePath}
 Provider Type: 	%{DesiredAccess}
 MachineKeyset: 	%{ShareMode}
 Security Info: 	%{CreationDisposition}
 AppContainer: 	%{Attributes}
 Error code: 	%{Status}

Event Data:

# Name In Type
Out Type
1 ProcessName win:UnicodeString xs:string
2 FilePath win:UnicodeString xs:string
3 DesiredAccess win:UInt32 xs:unsignedInt
4 ShareMode win:UInt32 xs:unsignedInt
5 CreationDisposition win:UInt32 xs:unsignedInt
6 Attributes win:UInt32 xs:unsignedInt
7 Status win:UInt32 xs:unsignedInt
8 ErrorDescription win:UnicodeString xs:string

Observed Windows Versions:

Version: 0

Fingerprint: JKOV6E6OBSV2M