All Products: Enable CAPI 2 Logging


Microsoft Windows: All Supported Versions


Enabling CAPI2 Windows Logging


Enable CAPI2 Logging:
  1. Open the Computer Management console by entering the following in the Start -> Run box: compmgmt.msc /s
  2. In the console object tree (left side), expand Event Viewer -> Windows Logs -> Applications and Services Logs -> Microsoft -> Windows -> CAPI2 and select Operational.
  3. Select an event of interest; the 'General' and 'Details' tabs are in the bottom half of the window.
  4. Select the 'Details' tab and select the 'XML view' radio button to view the XML document (see CAPI2 Details example below)
  5. Look for either the 'ErrorStatus' or the certificate error code; see CERT_TRUST_STATUS (wincrypt.h) in the Microsoft Win32 apps documentation.
Save and Disable CAPI2 Logging:
  1. In Event Viewer, right-click "Operational"
  2. Select "Save All Events As"
  3. Enter a file name and set "Save as type" to Event Files (.evtx)
  4. Select "Display information for these languages"
  5. Select "English"
  6. Click "OK"
  7. Right-click "Operational" and choose "Disable Log"
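
The same enable, inspect, save and disable sequence can be scripted from an elevated PowerShell prompt. This is an added example, not part of the original article or any vendor tooling; the output path is hypothetical, and it assumes the error details sit in XML elements named ErrorStatus or Result.

```powershell
# Added example: enable CAPI2 logging, list certificate errors, export, disable.
# Requires an elevated (Administrator) PowerShell session.
$log     = 'Microsoft-Windows-CAPI2/Operational'
$outFile = Join-Path $env:TEMP 'capi2-operational.evtx'   # hypothetical output path

# Enable the CAPI2 Operational log.
wevtutil sl $log /e:true

Read-Host 'Reproduce the certificate problem, then press Enter' | Out-Null

# Collect error-level events (Level 2) recorded in the log.
$events = Get-WinEvent -FilterHashtable @{ LogName = $log; Level = 2 } `
                       -ErrorAction SilentlyContinue

$findings = foreach ($e in $events) {
    # Equivalent of the 'Details' tab with 'XML view' selected.
    $xml = [xml]$e.ToXml()

    # Assumption: error details are carried by elements named ErrorStatus
    # (trust status flags) or Result (error code), wherever they are nested.
    $nodes = $xml.SelectNodes("//*[local-name()='ErrorStatus' or local-name()='Result']")

    foreach ($n in $nodes) {
        # CERT_TRUST_* attribute names identify which trust flags are set.
        $flags = @($n.Attributes |
                   Where-Object { $_.Name -like 'CERT_TRUST_*' } |
                   ForEach-Object { $_.Name }) -join ','

        [pscustomobject]@{
            TimeCreated = $e.TimeCreated
            EventId     = $e.Id
            Element     = $n.LocalName
            Value       = $n.GetAttribute('value')
            TrustFlags  = $flags
        }
    }
}
$findings | Sort-Object TimeCreated | Format-Table -AutoSize

# Save all events as .evtx and attach English display information,
# matching "Save All Events As" with the English language option.
wevtutil epl $log $outFile /ow:true
wevtutil al $outFile /l:en-US

# Disable the log again once the capture is saved.
wevtutil sl $log /e:false
Write-Host "Saved CAPI2 events to $outFile"
```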
