The Keyfactor suite of products installed on Windows generate Windows event log messages for both normal activity and errors in the Windows application event log. Depending on the features in use on your server, you may not see all these events in your log. These codes can be useful to set up log analysis platforms such as Splunk and Kibana.
Note: Table 99: Keyfactor Command Windows Event IDs and Table 100: Keyfactor Command Windows Event IDs for Audit Log apply only to Keyfactor Command Windows installations under IIS. Table 101: Keyfactor Universal Orchestrator Windows Event IDs applies only to Universal Orchestrator
Keyfactor orchestrators perform a variety of functions, including managing certificate stores and SSH key stores. installations on Windows.
Keyfactor orchestrators perform a variety of functions, including managing certificate stores and SSH key stores. installations on Windows.Keyfactor Command
Table 99: Keyfactor Command Windows Event IDs shows some of the more common event IDs generated by the Keyfactor Command server.
Table 99: Keyfactor Command Windows Event IDs
|
Event ID |
Source | Task Category | Description |
|---|---|---|---|
| 200 | Keyfactor Command | CA Synchronization | Incremental or full CA synchronization started |
| 201 | Keyfactor Command | CA Synchronization | Incremental or full CA synchronization finished |
| 210 | Keyfactor Command | CA Synchronization | An error occurred during CA synchronization |
| 221 | Keyfactor Command | CA Synchronization | Unable to validate Keyfactor Command product license |
| 230 | Keyfactor Command | CA Synchronization | Unable to connect to the CA during full CA synchronization |
| 300 | Keyfactor Command | Monitoring | Monitoring service started |
| 301 | Keyfactor Command | Monitoring | Monitoring engine started |
| 304 | Keyfactor Command | Monitoring | Monitoring service timer elapsed |
| 305 | Keyfactor Command | Monitoring | Monitoring service execution skipped |
| 306 | Keyfactor Command | Monitoring | Monitoring job completed successfully |
| 307 | Keyfactor Command | Monitoring | Monitoring engine failed |
| 310 | Keyfactor Command | Monitoring | Monitoring job completed with errors |
| 322 | Keyfactor Command | Monitoring | Unable to read the Keyfactor Command database during monitor job run |
| 323 | Keyfactor Command | Monitoring | An error occurred refreshing a key rotation, cert expiration, CA Health, cert issued, pending cert, or query item alert service job |
| 330 | Keyfactor Command | Monitoring | OCSP endpoint is unavailable |
| 331 | Keyfactor Command | Monitoring | OCSP endpoint is responding successfully |
| 340 | Keyfactor Command | Monitoring | An error occurred configuring an expiration alert |
| 350 | Keyfactor Command | Monitoring | An error occurred configuring a pending alert |
| 360 | Keyfactor Command | Monitoring | An error occurred configuring an SSL alert |
| 370 | Keyfactor Command | Monitoring | An error occurred configuring the CRL |
| 371 | Keyfactor Command | Monitoring | CRL endpoint location could not be contacted |
| 372 | Keyfactor Command | Monitoring |
CRL at the endpoint is stale (past the CA's next publish date for the CRL but not yet at the expiration date) Note: If a CRL is both in the warning period and stale, only the event log message for stale will appear in the log. |
| 373 | Keyfactor Command | Monitoring | CRL at the endpoint is in the warning period configured for email alerts (X days before expiration) |
| 374 | Keyfactor Command | Monitoring | CRL is in a good state |
| 375 | Keyfactor Command | Monitoring | CRL at the endpoint has expired |
| 380 | Keyfactor Command | Monitoring | An error occurred configuring a SSRS reporting job, CRL alert jobs, or certificate authority threshold jobs |
| 390 | Keyfactor Command | Monitoring | Failed to configure the certificate authority threshold jobs |
| 391 | Keyfactor Command | Monitoring | CA has failed to meet one of the threshold monitoring requirements |
| 410 | Keyfactor Command | Web API | A general error occurred during a Keyfactor API request |
| 411 | Keyfactor Command | Web API | Invalid token error occurred during a Keyfactor API request |
| 413 | Keyfactor Command | Web API | Invalid template error occurred during a Keyfactor API request |
| 419 | Keyfactor Command | Web API | Invalid user error occurred during a Keyfactor API request |
| 800 | Keyfactor Command | Timer Service | Keyfactor Command Service started |
| 801 | Keyfactor Command | Timer Service | Keyfactor Command Service stopped |
| 810 | Keyfactor Command | Maintenance | A general Keyfactor Command Service maintenance error occurred. |
| 822 | Keyfactor Command | Timer Service | Unable to read the Keyfactor Command database during Keyfactor Command Service job |
| 830 | Keyfactor Command | Timer Service | Keyfactor Command Service jobs failed to start (alerts, monitoring, sync, other) |
| 930 | Keyfactor Command | Timer Service | An orchestrator job configuration failed |
| 931 | Keyfactor Command | Timer Service | An orchestrator job execution failed |
| 932 | Keyfactor Command | Timer Service | An orchestrator job execution canceled |
| 933 | Keyfactor Command | Timer Service | An orchestrator job execution started |
| 934 | Keyfactor Command | Timer Service | An orchestrator job execution succeeded |
| 1001 | Keyfactor Command | Maintenance | Keyfactor Command product license is approaching expiration |
| 1002 | Keyfactor Command | Maintenance | Audit logs failed to write to the audit log destination |
| 1900 | Keyfactor Command | Configuration Wizard | The configuration wizard was started |
| 1910 | Keyfactor Command | Configuration Wizard | The configuration wizard finished |
| 1911 | Keyfactor Command | Configuration Wizard | The configuration wizard database creation process started |
| 1912 | Keyfactor Command | Configuration Wizard | The configuration wizard database upgrade process started |
| 1913 | Keyfactor Command | Configuration Wizard | The configuration wizard database conversion process started |
| 1914 | Keyfactor Command | Configuration Wizard | The configuration wizard database upgrade process completed successfully |
| 1915 | Keyfactor Command | Configuration Wizard | The configuration wizard database creation process completed successfully |
| 1916 | Keyfactor Command | Configuration Wizard | The configuration wizard database conversion process completed successfully |
| 1920 | Keyfactor Command | Configuration Wizard | A general failure occurred for the configuration wizard |
| 1921 | Keyfactor Command | Configuration Wizard | The configuration wizard database upgrade process failed |
| 1922 | Keyfactor Command | Configuration Wizard | The configuration wizard database creation process failed |
| 1940 | Keyfactor Command | Configuration Wizard | Configuration wizard general warning |
| 1941 | Keyfactor Command | Configuration Wizard | Configuration wizard SSRS reporting config warning |
| 1942 | Keyfactor Command | Configuration Wizard | Configuration wizard agent pool config warning |
| 2000 | Keyfactor Command | Alert | Whitelist policy failure |
| 2001-2034 | Keyfactor Command | Auditing Log | See Table 100: Keyfactor Command Windows Event IDs for Audit Log. |
| 2300 | Keyfactor Command | Expiration Renewal | Renewal handler was able to successfully renew a certificate |
| 2310 | Keyfactor Command | Expiration Renewal | Renewal handler failed to renew a certificate |
| 2800 | Keyfactor Command | User Authentication | User login to Management Portal was authenticated |
| 3000 | Keyfactor Command | Alert | Execution of an alert (pending, issued, expiration, or key rotation) configured in the Management Portal failed. |
| 3001 | Keyfactor Command | Alert | Execution of an alert (pending, issued, expiration, or key rotation) configured in the Management Portal succeeded. |
| 3002 | Keyfactor Command | Alert | Execution of an alert (pending, issued, expiration, or key rotation) configured in the Management Portal was canceled. |
| 3003 | Keyfactor Command | Alert | Execution of an alert (pending, issued, expiration, or key rotation) configured in the Management Portal started. |
| 3004 | Keyfactor Command | Alert | A CA threshold monitoring alert failed. |
| 3005 | Keyfactor Command | Alert | A CA threshold monitoring alert succeeded. |
| 3006 | Keyfactor Command | Alert | A CA threshold monitoring alert was canceled. |
| 3007 | Keyfactor Command | Alert | A CA threshold monitoring alert started. |
| 3008 | Keyfactor Command | Alert | A CRL alert for a revocation monitoring location configured in the Management Portal failed. |
| 3009 | Keyfactor Command | Alert | A CRL alert for a revocation monitoring location configured in the Management Portal succeeded. |
| 3010 | Keyfactor Command | Alert | A CRL alert for a revocation monitoring location configured in the Management Portal was canceled. |
| 3011 | Keyfactor Command | Alert | A CRL alert for a revocation monitoring location configured in the Management Portal started. |
| 3012 | Keyfactor Command | Certificate Authority |
Local CA sync failed. Note: This event ID is also used by the AnyCAGateway REST.
|
| 3013 | Keyfactor Command | Certificate Authority |
Local CA sync succeeded. Note: This event ID is also used by the AnyCAGateway REST.
|
| 3014 | Keyfactor Command | Certificate Authority |
Local CA sync was canceled. Note: This event ID is also used by the AnyCAGateway REST.
|
| 3015 | Keyfactor Command | Certificate Authority |
Local CA sync started. Note: This event ID is also used by the AnyCAGateway REST.
|
| 3016 | Keyfactor Command | Other | Delivery of regularly scheduled reports has failed. |
| 3017 | Keyfactor Command | Other | Delivery of regularly scheduled reports has succeeded. |
| 3018 | Keyfactor Command | Other | Delivery of regularly scheduled reports has been canceled. |
| 3019 | Keyfactor Command | Other | Delivery of regularly scheduled reports has started. |
| 3020 | Keyfactor Command | Maintenance | The process to generate and assign metadata to certificates when they are imported into Keyfactor Command has started. |
| 3021 | Keyfactor Command | Maintenance | The process to generate and assign metadata to certificates when they are imported into Keyfactor Command has failed. |
| 3022 | Keyfactor Command | Maintenance | The process to generate and assign metadata to certificates when they are imported into Keyfactor Command has been canceled. |
| 3023 | Keyfactor Command | Maintenance | The periodic process to generate and assign metadata to certificates when they are imported into Keyfactor Command has succeeded. |
| 3024 | Keyfactor Command | Maintenance | The periodic process to remove any stored private keys in the Keyfactor Command database that have expired and are eligible for deletion has started. |
| 3025 | Keyfactor Command | Maintenance | The periodic process to remove any stored private keys in the Keyfactor Command database that have expired and are eligible for deletion has failed. |
| 3026 | Keyfactor Command | Maintenance | The periodic process to remove any stored private keys in the Keyfactor Command database that have expired and are eligible for deletion has been canceled. |
| 3027 | Keyfactor Command | Maintenance | The periodic process to remove any stored private keys in the Keyfactor Command database that have expired and are eligible for deletion has succeeded. |
| 3028 | Keyfactor Command | Maintenance | The periodic process to add audit log entries for large jobs started. |
| 3029 | Keyfactor Command | Maintenance | The periodic process to add audit log entries for large jobs failed. |
| 3030 | Keyfactor Command | Maintenance | The periodic process to add audit log entries for large jobs was canceled. |
| 3031 | Keyfactor Command | Maintenance | The periodic process to add audit log entries for large jobs succeeded. |
| 3032 | Keyfactor Command | Maintenance | The periodic process to remove any audit log history in the Keyfactor Command database that has expired and is eligible for deletion started. |
| 3033 | Keyfactor Command | Maintenance | The periodic process to remove any audit log history in the Keyfactor Command database that has expired and is eligible for deletion failed. |
| 3034 | Keyfactor Command | Maintenance | The periodic process to remove any audit log history in the Keyfactor Command database that has expired and is eligible for deletion was canceled. |
| 3035 | Keyfactor Command | Maintenance | The periodic process to remove any audit log history in the Keyfactor Command database that has expired and is eligible for deletion succeeded. |
| 3036 | Keyfactor Command | Maintenance | The periodic process to remove any SSL endpoint history in the Keyfactor Command database that is eligible for deletion started. |
| 3037 | Keyfactor Command | Maintenance | The periodic process to remove any SSL endpoint history in the Keyfactor Command database that is eligible for deletion failed. |
| 3038 | Keyfactor Command | Maintenance | The periodic process to remove any SSL endpoint history in the Keyfactor Command database that is eligible for deletion was canceled. |
| 3039 | Keyfactor Command | Maintenance | The periodic process to remove any SSL endpoint history in the Keyfactor Command database that is eligible for deletion succeeded. |
| 3040 | Keyfactor Command | Alert | The periodic process to update the temporary tables that store information on which certificates are in which certificate collections started. |
| 3041 | Keyfactor Command | Alert | The periodic process to update the temporary tables that store information on which certificates are in which certificate collections failed. |
| 3042 | Keyfactor Command | Alert | The periodic process to update the temporary tables that store information on which certificates are in which certificate collections was canceled. |
| 3043 | Keyfactor Command | Alert | The periodic process to update the temporary tables that store information on which certificates are in which certificate collections succeeded. |
| 3044 | Keyfactor Command | Maintenance | The periodic process to remove records from temporary files generated while running reports started. |
| 3045 | Keyfactor Command | Maintenance | The periodic process to remove records from temporary files generated while running reports failed. |
| 3046 | Keyfactor Command | Maintenance | The periodic process to remove records from temporary files generated while running reports was canceled. |
| 3047 | Keyfactor Command | Maintenance | The periodic process to remove records from temporary files generated while running reports succeeded. |
| 3048 | Keyfactor Command | Other | The periodic process to attempt to continue all suspended workflows that may be eligible to continue but have not done so due to locking conflicts started. |
| 3049 | Keyfactor Command | Other | The periodic process to attempt to continue all suspended workflows that may be eligible to continue but have not done so due to locking conflicts failed. |
| 3050 | Keyfactor Command | Other | The periodic process to attempt to continue all suspended workflows that may be eligible to continue but have not done so due to locking conflicts was canceled. |
| 3051 | Keyfactor Command | Other | The periodic process to attempt to continue all suspended workflows that may be eligible to continue but have not done so due to locking conflicts succeeded. |
| 3052 | Keyfactor Command | Maintenance | The periodic process to identify and schedule SSL discovery and monitoring jobs started. |
| 3053 | Keyfactor Command | Maintenance | The periodic process to identify and schedule SSL discovery and monitoring jobs failed. |
| 3054 | Keyfactor Command | Maintenance | The periodic process to identify and schedule SSL discovery and monitoring jobs was canceled. |
| 3055 | Keyfactor Command | Maintenance | The periodic process to identify and schedule SSL discovery and monitoring jobs succeeded. |
| 3056 | Keyfactor Command | Maintenance | The periodic process to synchronize certificate templates from a source (e.g. Active Directory) to pick up new templates started. |
| 3057 | Keyfactor Command | Maintenance | The periodic process to synchronize certificate templates from a source (e.g. Active Directory) to pick up new templates failed. |
| 3058 | Keyfactor Command | Maintenance | The periodic process to synchronize certificate templates from a source (e.g. Active Directory) to pick up new templates was canceled. |
| 3059 | Keyfactor Command | Maintenance | The periodic process to synchronize certificate templates from a source (e.g. Active Directory) to pick up new templates succeeded. |
| 3060 | Keyfactor Command | Maintenance | The periodic process to run the Microsoft SQL update statistics function in the Keyfactor Command database started. |
| 3061 | Keyfactor Command | Maintenance | The periodic process to run the Microsoft SQL update statistics function in the Keyfactor Command database failed. |
| 3062 | Keyfactor Command | Maintenance | The periodic process to run the Microsoft SQL update statistics function in the Keyfactor Command database was canceled. |
| 3063 | Keyfactor Command | Maintenance | The periodic process to run the Microsoft SQL update statistics function in the Keyfactor Command database succeeded. |
| 3064 | Keyfactor Command | Maintenance | The periodic process to remove any completed workflow instances (both successful and failed) in the Keyfactor Command database that have aged past the date as defined in that application started. |
| 3065 | Keyfactor Command | Maintenance | The periodic process to remove any completed workflow instances (both successful and failed) in the Keyfactor Command database that have aged past the date as defined in that application failed. |
| 3066 | Keyfactor Command | Maintenance | The periodic process to remove any completed workflow instances (both successful and failed) in the Keyfactor Command database that have aged past the date as defined in that application canceled. |
| 3067 | Keyfactor Command | Maintenance | The periodic process to remove any completed workflow instances (both successful and failed) in the Keyfactor Command database that have aged past the date as defined in that application succeeded. |
| 3068 | Keyfactor Command | Alert | An alert for a certificate collection workflow started. |
| 3069 | Keyfactor Command | Alert | An alert for a certificate collection workflow failed. |
| 3070 | Keyfactor Command | Alert | An alert for a certificate collection workflow canceled. |
| 3071 | Keyfactor Command | Alert | An alert for a certificate collection workflow succeeded. |
| 3072 | Keyfactor Command | Alert | An orchestrator alert that a notification alert started. |
| 3073 | Keyfactor Command | Alert | An orchestrator alert that a notification alert failed. |
| 3074 | Keyfactor Command | Alert | An orchestrator alert that a notification alert canceled. |
| 3075 | Keyfactor Command | Alert | An orchestrator alert that a notification alert succeeded. |
| 3076 | Keyfactor Command | Alert | An alert that a secrets search is started. |
| 3077 | Keyfactor Command | Alert | An alert that a secrets search is failed. |
| 3078 | Keyfactor Command | Alert | An alert that a secrets search is canceled. |
| 3079 | Keyfactor Command | Alert | An alert that a secrets search is succeeded. |
| 3080 | Keyfactor Command | Alert | An alert for a certificate store workflow started. |
| 3081 | Keyfactor Command | An alert for a certificate store workflow failed. | |
| 3082 | Keyfactor Command | An alert for a certificate store workflow canceled. | |
| 3083 | Keyfactor Command | An alert for a certificate store workflow succeeded. | |
| 3084 | Keyfactor Command | An alert for a key rotation workflow failed. | |
| 3085 | Keyfactor Command | An alert for a key rotation workflow succeded. | |
| 3086 | Keyfactor Command | An alert for a key rotation workflow canceled. | |
| 3087 | Keyfactor Command | An alert for a key rotation workflow started. | |
| 3088 | Keyfactor Command | An alert for a certificate expiration workflow failed. | |
| 3089 | Keyfactor Command | An alert for a certificate expiration workflow succeeded. | |
| 3090 | Keyfactor Command | An alert for a certificate expiration workflow canceled. | |
| 3091 | Keyfactor Command | An alert for a certificate expiration workflow started. | |
| 3092 | Keyfactor Command | An alert for a revocation monitoring workflow started. | |
| 3093 | Keyfactor Command | An alert for a revocation monitoring workflow failed. | |
| 3094 | Keyfactor Command | An alert for a revocation monitoring workflow canceled. | |
| 3095 | Keyfactor Command | An alert for a revocation monitoring workflow succeeded. | |
| 6050 | Keyfactor Command | Monitoring | Logging handler notification for alerts |
| 9999 | Keyfactor Command | Unknown error |
Keyfactor Command Audit Log
Table 100: Keyfactor Command Windows Event IDs for Audit Log shows some of the more common event IDs generated by the Keyfactor Command audit log.
Table 100: Keyfactor Command Windows Event IDs for Audit Log
|
Value |
Source | Task Category | Subcategory Name |
Description |
|---|---|---|---|---|
|
2001 |
Keyfactor Command | Audit Log | Certificate |
Certificate |
|
2001 |
Keyfactor Command | Audit Log | Auditing Certificate Scheduled Replacement |
Auditing Certificate Scheduled Replacement |
|
2001 |
Keyfactor Command | Audit Log | Auditing Certificate Request |
Certificate Request |
|
2002 |
Keyfactor Command | Audit Log | ApiApplication |
API Application |
|
2003 |
Keyfactor Command | Audit Log | Template |
Template |
|
2004 |
Keyfactor Command | Audit Log | CertificateQuery |
Certificate Collection/Query |
|
2005 |
Keyfactor Command | Audit Log | ExpirationAlert |
Expiration Alert |
|
2005 |
Keyfactor Command | Audit Log | Expiration Alert Definition Context Model |
Expiration Alert |
|
2006 |
Keyfactor Command | Audit Log | PendingAlert |
Pending Alert |
|
2006 |
Keyfactor Command | Audit Log | Pending Alert Definition Context Model |
Pending Alert |
|
2007 |
Keyfactor Command | Audit Log | ApplicationSetting |
Application Setting |
|
2008 |
Keyfactor Command | Audit Log | IssuedAlert |
Issued Alert |
|
2008 |
Keyfactor Command | Audit Log | Issued Alert Definition Context Model |
Issued Alert |
|
2009 |
Keyfactor Command | Audit Log | DeniedAlert |
Denied Alert |
|
2009 |
Keyfactor Command | Audit Log | Denied Alert Definition Context Model |
Denied Alert |
|
2010 |
Keyfactor Command | Audit Log | ADIdentityModel |
Security Identity |
|
2011 |
Keyfactor Command | Audit Log | SecurityRole |
Security Role |
|
2012 |
Keyfactor Command | Audit Log | AuthorizationFailure |
Authorization Failure |
|
2013 |
Keyfactor Command | Audit Log | CertificateSigningRequest |
CSR |
|
2014 |
Keyfactor Command | Audit Log | ServerGroup |
SSH Server Group |
|
2015 |
Keyfactor Command | Audit Log | Server |
SSH Server |
| 2016 | Keyfactor Command | Audit Log | DiscoveredKey | Rogue Key for Logon |
| 2016 | Keyfactor Command | Audit Log | Key | SSH Key |
|
2017 |
Keyfactor Command | Audit Log | ServiceAccount |
SSH Service Account |
|
2018 |
Keyfactor Command | Audit Log | Logon |
SSH Logon |
|
2019 |
Keyfactor Command | Audit Log | SshUser |
SSH User |
|
2020 |
Keyfactor Command | Audit Log | Key Rotation Alert Definition Context Model |
SSH Key Rotation Alert |
| 2021 | Keyfactor Command | Audit Log | CertificateStore | Certificate Store |
| 2022 | Keyfactor Command | Audit Log | JobType | Orchestrator Job Type |
| 2023 | Keyfactor Command | Audit Log | AgentSchedule | Orchestrator Job |
| 2024 | Keyfactor Command | Audit Log | Bulk Agent Schedule | Bulk Orchestrator Job |
| 2025 | Keyfactor Command | Audit Log | Certificate Store Container | Store Container |
| 2026 | Keyfactor Command | Audit Log | Agent | Orchestrator |
| 2027 | Keyfactor Command | Audit Log | Revocation Monitoring | Monitoring |
| 2028 | Keyfactor Command | Audit Log | License | License |
| 2029 | Keyfactor Command | Audit Log | WorkflowDefinition | Workflow Definition |
| 2030 | Keyfactor Command | Audit Log | WorkflowInstance | Workflow Instance |
| 2031 | Keyfactor Command | Audit Log | WorkflowInstanceSignal | Workflow Instance Signal |
| 2032 | Keyfactor Command | Audit Log | IdentityProvider | Identity Provider |
| 2033 | Keyfactor Command | Audit Log | RoleClaimDefinition | Claim Definition |
| 2034 | Keyfactor Command | Audit Log | PermissionSet | Permission Set |
Keyfactor Universal Orchestrator
Table 101: Keyfactor Universal Orchestrator Windows Event IDs shows some of the more common event IDs generated by the Keyfactor Orchestrator.
Table 101: Keyfactor Universal Orchestrator Windows Event IDs
|
Event ID |
Source | Task Category | Description |
|---|---|---|---|
| 1500 | Keyfactor Orchestrator | SSL Discovery | Starting SSL discovery job |
| 1510 | Keyfactor Orchestrator | SSL Discovery | Completed SSL discovery job |
| 1520 | Keyfactor Orchestrator | SSL Discovery | Error while performing SSL discovery job |
| 1600 | Keyfactor Orchestrator | SSL Monitor | Starting SSL monitoring job |
| 1610 | Keyfactor Orchestrator | SSL Monitor | Completed SSL monitoring job |
| 1620 | Keyfactor Orchestrator | SSL Monitor | Error while performing SSL monitoring job |
| 1630 | Keyfactor Orchestrator | SSL Monitor | Error connecting to an endpoint during an SSL scan |
| 1640 | Keyfactor Orchestrator | SSL Monitor | Certificate approaching expiration found at endpoint during an SSL scan |
| 2400 | Keyfactor Orchestrator | AnyAgent Inventory |
Starting inventory job for an AnyAgent certificate store |
| 2410 | Keyfactor Orchestrator | AnyAgent Inventory |
Completed inventory job for an AnyAgent certificate |
| 2420 | Keyfactor Orchestrator | AnyAgent Inventory |
Error while performing inventory job for an AnyAgent certificate store |
| 2500 | Keyfactor Orchestrator | AnyAgent Management |
Starting management job for an AnyAgent certificate store |
| 2510 | Keyfactor Orchestrator | AnyAgent Management |
Completed management job for an AnyAgent certificate |
| 2520 | Keyfactor Orchestrator | AnyAgent Management |
Error while performing management job for an AnyAgent certificate store |
| 2800 | Keyfactor Orchestrator | Audit Log | Starting fetch logs job |
| 2810 | Keyfactor Orchestrator | Audit Log | Completed fetch logs job |
| 2820 | Keyfactor Orchestrator | Audit Log | Error while performing fetch logs job |
| 2900 | Keyfactor Orchestrator | Agent Service | Job manager for the Keyfactor Universal Orchestrator starting |
| 2920 | Keyfactor Orchestrator | Agent Service | Job manager for the Keyfactor Universal Orchestrator stopped |
Keyfactor Cloud Gateway and Keyfactor Windows Enrollment Gateway
Table 102: Keyfactor Cloud Gateway and Keyfactor Windows Enrollment Gateway Windows Event IDs shows some of the more common event IDs generated by the Keyfactor Cloud Gateway and Keyfactor Windows Enrollment Gateway. Some event IDs apply only to the Keyfactor Cloud Gateway.
Table 102: Keyfactor Cloud Gateway and Keyfactor Windows Enrollment Gateway Windows Event IDs
|
Event ID |
Source | Task Category | Description |
|---|---|---|---|
| 12040 | CSS Managed CA Gateway (Keyfactor Cloud Gateway) | Auditing |
Request called. User: <username> |
| 13001 |
CSS Managed CA Gateway Keyfactor Windows Enrollment Gateway |
Sync Service |
Sync Service Started |
| 13002 |
CSS Managed CA Gateway Keyfactor Windows Enrollment Gateway |
Sync Service |
Error starting sync service: <Error message> |
| 13003 |
CSS Managed CA Gateway Keyfactor Windows Enrollment Gateway |
Sync Service | Sync Service Stopped |
| 13011 |
CSS Managed CA Gateway Keyfactor Windows Enrollment Gateway |
Sync Service | Starting Account Synchronization |
| 13012 |
CSS Managed CA Gateway Keyfactor Windows Enrollment Gateway |
Sync Service |
|
| 13013 |
CSS Managed CA Gateway Keyfactor Windows Enrollment Gateway |
Sync Service |
Account synchronization successful |
| 13021 | CSS Managed CA Gateway | Sync Service | Starting Template Synchronization |
| 13022 | CSS Managed CA Gateway | Sync Service |
|
| 13023 | CSS Managed CA Gateway | Sync Service | Template synchronization successful |