Windows Security Log Event ID 5058
Operating Systems |
Windows 2008 R2 and 7
Windows 2012 R2 and 8.1
Windows 2016 and 10
Windows Server 2019 and 2022
|
Category • Subcategory | System • Other System Events |
Type
|
Success
|
Corresponding events
in Windows
2003 and before |
|
5058: Key file operation
On this page
Key file operation
Server 2019 added the Process Information fields.
Free Security Log Resources by Randy
Subject
- Security ID:
- Account Name:
- Account Domain:
- Logon ID:
Process Information (new fields in 2019)
- Process ID:
- Process Creation Time:
Cryptographic Parameters
- Provider Name:
- Algorithm Name:
- Key Name:
- Key Type:
Key File Operation Information
- File Path:
- Operation:
- Return Code:
Supercharger Enterprise
2019
Key file operation.
Subject:
Security ID: SYSTEM
Account Name: WIN-857ZZX6RQHL$
Account Domain: ACME-FR
Logon ID: 0x3e7
Process Information:
Process ID:
Process Creation Time:
Cryptographic Parameters:
Provider Name: Microsoft Software Key Storage Provider
Algorithm Name: Not Available.
Key Name: acme-fr-WIN-857ZZX6RQHL-CA
Key Type: Machine key.
Key File Operation Information:
File Path: C:\ProgramData\Microsoft\Crypto\Keys\375d951cf427e77c9b8cbf68fdf21148_82f19091- d5b5-4765-8e46-a16b1daddf27
Operation: Read persisted key from file.
Return Code: 0x0
2016 and earlier
Key file operation.
Subject:
Security ID: SYSTEM
Account Name: WIN-857ZZX6RQHL$
Account Domain: ACME-FR
Logon ID: 0x3e7
Cryptographic Parameters:
Provider Name: Microsoft Software Key Storage Provider
Algorithm Name: Not Available.
Key Name: acme-fr-WIN-857ZZX6RQHL-CA
Key Type: Machine key.
Key File Operation Information:
File Path: C:\ProgramData\Microsoft\Crypto\Keys\375d951cf427e77c9b8cbf68fdf21148_82f19091- d5b5-4765-8e46-a16b1daddf27
Operation: Read persisted key from file.
Return Code: 0x0
Top 10 Windows Security Events to Monitor
Free Tool for Windows Event Collection