deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/client-management/mdm/policy-csp-admx-eventlogging.md
Vinay Pamnani c23e65d3e8 move understand to client-management
2022-10-07 13:44:25 -04:00

2.7 KiB
Raw Blame History

title, description, ms.author, ms.localizationpriority, ms.topic, ms.prod, ms.technology, author, ms.date, ms.reviewer, manager
title description ms.author ms.localizationpriority ms.topic ms.prod ms.technology author ms.date ms.reviewer manager
Policy CSP - ADMX_EventLogging Learn about the Policy CSP - ADMX_EventLogging. vinpa medium article w10 windows vinaypamnani-msft 09/12/2021 aaroncz

Policy CSP - ADMX_EventLogging

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX_EventLogging policies

ADMX_EventLogging/EnableProtectedEventLogging

ADMX_EventLogging/EnableProtectedEventLogging

Edition Windows 10 Windows 11
Home No No
Pro Yes Yes
Windows SE No Yes
Business Yes Yes
Enterprise Yes Yes
Education Yes Yes

Scope:

[!div class = "checklist"]

  • Device

This policy setting lets you configure Protected Event Logging.

If you enable this policy setting, components that support it will use the certificate you supply to encrypt potentially sensitive event log data before writing it to the event log. Data will be encrypted using the Cryptographic Message Syntax (CMS) standard and the public key you provide.

You can use the Unprotect-CmsMessage PowerShell cmdlet to decrypt these encrypted messages, if you have access to the private key corresponding to the public key that they were encrypted with.

If you disable or don't configure this policy setting, components won't encrypt event log messages before writing them to the event log.

ADMX Info:

  • GP Friendly name: Enable Protected Event Logging
  • GP name: EnableProtectedEventLogging
  • GP path: Windows Components\Event Logging
  • GP ADMX file name: EventLogging.admx

Related topics

ADMX-backed policies in Policy CSP