3.7 KiB
title, description, ms.date
| title | description | ms.date |
|---|---|---|
| ADMX_EventLogging Policy CSP | Learn more about the ADMX_EventLogging Area in Policy CSP. | 01/18/2024 |
Policy CSP - ADMX_EventLogging
[!INCLUDE ADMX-backed CSP tip]
EnableProtectedEventLogging
| Scope | Editions | Applicable OS |
|---|---|---|
| ✅ Device ❌ User |
✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC |
✅ Windows 10, version 2004 [10.0.19041.1202] and later ✅ Windows 10, version 2009 [10.0.19042.1202] and later ✅ Windows 10, version 21H1 [10.0.19043.1202] and later ✅ Windows 11, version 21H2 [10.0.22000] and later |
./Device/Vendor/MSFT/Policy/Config/ADMX_EventLogging/EnableProtectedEventLogging
This policy setting lets you configure Protected Event Logging.
-
If you enable this policy setting, components that support it will use the certificate you supply to encrypt potentially sensitive event log data before writing it to the event log. Data will be encrypted using the Cryptographic Message Syntax (CMS) standard and the public key you provide. You can use the Unprotect-CmsMessage PowerShell cmdlet to decrypt these encrypted messages, provided that you have access to the private key corresponding to the public key that they were encrypted with.
-
If you disable or don't configure this policy setting, components won't encrypt event log messages before writing them to the event log.
Description framework properties:
| Property name | Property value |
|---|---|
| Format | chr (string) |
| Access Type | Add, Delete, Get, Replace |
[!INCLUDE ADMX-backed policy note]
ADMX mapping:
| Name | Value |
|---|---|
| Name | EnableProtectedEventLogging |
| Friendly Name | Enable Protected Event Logging |
| Location | Computer Configuration |
| Path | Windows Components > Event Logging |
| Registry Key Name | Software\Policies\Microsoft\Windows\EventLog\ProtectedEventLogging |
| Registry Value Name | EnableProtectedEventLogging |
| ADMX File Name | EventLogging.admx |