Live Demo
Free Edition
Download NowEvent ID 4887 – Certificate Services Approved A Certificate Request And Issued A Certificate
| Event ID | 4887 |
| Category | Object Access: Certification Services |
| Type | Success Audit |
When a certificate is issued by Certificate Services, event 4887 is logged. This is a consequence of either an administrator or certificate manger issuing a pending request, or the CA automatically approving a request based on its policy.
For this event to be logged, the corresponding "Issue and manage certificate requests" feature needs to be enabled in the CA's properties tab. Each certificate request is uniquely identified by its Request ID.
This log provides the following information:
- Request ID
- Requester
- Attributes
- Disposition
- SKI
- Subject
Why does event ID 4887 need to be monitored?
This event should be monitored to detect anomalous and malicious activity, and to prevent privilege abuse.
Pro Tip:
With 200+ reports and real-time email and SMS alerts, ADAudit Plus tracks all certificate services related events, thus helping you meet your security, operational, and compliance needs with absolute ease.
Event 4887 applies to the following operating systems:
- Windows 2008 R2 and 7
- Windows 2012 R2 and 8.1
- Windows 2016 and 10
Explore Active Directory auditing and reporting with ADAudit Plus.
- Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- EventLog Analyzer Real-time Log Analysis & Reporting
- ADSelfService Plus Self-Service Password Management
- AD360 Integrated Identity & Access Management
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools