Event ID 5061 - Cryptographic operation.
|Description||This event is generated when a cryptographic operation (open key, create key, create key, and so on) was performed using a Key Storage Provider (KSP). This event is generated only if one of the following KSPs were used:
The event logs the following information:
Reasons to monitor event:
- Typically this event is required for detailed monitoring of KSP-related actions with cryptographic keys.
- If you need to monitor actions related to specific cryptographic keys (“Key Name”) or a specific “Operation”, such as “Delete key file”, you can create monitoring rules and use this event as an information source.
Event 5061 applies to the following operating systems:
- Windows Server 2008 R2 and 7
- Windows Server 2012 R2 and 8.1
- Windows Server 2016 and 10
Explore Active Directory auditing and reporting with ADAudit Plus.
- Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- EventLog Analyzer Real-time Log Analysis & Reporting
- ADSelfService Plus Self-Service Password Management
- AD360 Integrated Identity & Access Management
- Log360 Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools