Windows Event Log Entries Created by Device Control
Learn about the entries created in the Windows Event logs by Device Control actions.
Code | Message Name | Description |
---|---|---|
1 | MSG_NO_VALID_KEY | SCC was unable to find a valid public key. It is currently using the default public key. |
2 | MSG_NO_VALID_KEY_WITH_LIST | SCC was unable to find a valid public key. It is currently using the default public key. For your reference |
3 | MSG_KEY_FOUND | SCC found a valid key in directory "%1" and is now using it. |
4 | MSG_WINSOCK_START_FAILURE | The Windows socket library could not be started. |
5 | MSG_PERMISSION_REMOVE_TIMEOUT | Unable to update permissions. Operation to remove old permissions timed out with error %1 on file "%2". |
6 | MSG_PERMISSION_REPLACE_TIMEOUT | Unable to update permissions. Operation to replace old permissions timed out with error %1 on file "%2". |
7 | MSG_ACCESS_DENIED | Application Control denied execution of the file "%1". For the full path and other details |
8 | MSG_ACCESS_NEARLY_DENIED | Application Control would have denied execution of the file "%1" |
9 | SWAVE_FSFILTER_ERROR_CANNOT_USE_SHADOW_DIRECTORY | The shadow directory does not exist or cannot be accessed. The floppy and removable drives will be disabled by the shadow driver. |
10 | SWAVE_UNSUPPORTED_CDBURNING | Unsupported CD/DVD burning mode |
11 | SWAVE_CDSHADOW_ERROR | Error during the processing CD/DVD shadow images |
12 | MSG_NO_VALID_PUBLIC_KEY | SK was unable to find a valid public key. It is currently using a default key. You should |
13 | DWAVE_FSFILTER_ERROR_INTERNAL_ERROR | The shadow driver encountered an internal error that prevents normal operation. The drives will be disabled by the shadow driver. |
14 | SWAVE_FSFILTER_INFO_MEDIUM_INSERT | Action: Medium inserted%rVolume Name: %1%rSerial Number: %2 Encryption: %3 |
15 | SWAVE_CDSHADOW_OVERRIDE | Unsupported CD/DVD burning mode |
16 | MSG_DEVICE_ATTACHED | Device "%1" (%2) attached to endpoint by user %3. |
17 | MSG_QUOTA_EXCEEDED | File copy quota has been reached. |
18 | MSG_READ_DENIED | Device Control denied read access for device "%1" (%2) accessing path "%3" by user %4 for reason %5 by process "%6". |
19 | MSG_WRITE_DENIED | Device Control denied write access for device "%1" (%2) accessing path "%3" by user %4 for reason %5 by process "%6". |
20 | MSG_WLAN_BLOCKED | Device Control device wlan blocked for %1. For the full path and other details |
21 | MSG_KEYLOGGER_DETECTED | Device Control detected a keylogger for device "%1" by user %2. |
22 | MSG_KEYBOARD_DISABLED | Device Control disabled keyboard "%1". |
23 | MSG_MEDIUM_ENCRYPTED | Device "%1" (%2) mounted as volume %4 was encrypted by user %3. |
24 | MSG_INVALID_PASSWORD | Invalid password entered for device "%1" (%2) by user %3. |
25 | MSG_WRITE_GRANTED | Device Control shadowed file "%1" from a write to device "%2" (%3) by user %4. For the full path and other details |
26 | MSG_READ_GRANTED | Device Control shadowed file "%1" from a read of device "%2" (%3) by user %4. For the full path and other details |
27 | MSG_DEVICE_DETACHED | Device "%1" (%2) detached from endpoint by user %3. |
28 | MSG_READ_AUDIT | Device Control audited a denied read access for device "%1" (%2) accessing path "%3" by user %4 for reason %5 by process "%6". |
29 | MSG_WRITE_AUDIT | Device Control audited a denied write access for device "%1" (%2) accessing path "%3" by user %4 for reason %5 by process "%6". |
Related Information:
- The Log Explorer Window
- Navigation Control Bar
- Column Headers
- Criteria/Properties Panel
- Results Panel/Custom Report Contents
- Log Explorer Templates
- Select and Edit Templates Dialog
- Template Settings Dialog
- Forcing the Upload of Shadow Files from a Client Upon User Log Off