If you want to enable or disable Protected Event Logging in Windows 11 and Windows 10, this step-by-step guide helps you go through the process. However, you must include an Encryption certificate if you want to enable Protected Event Logging in Windows 11/10.
For your information, you can turn this setting on or off with the help of the Local Group Policy Editor and Registry Editor. If you want to use the REGEDIT method, don’t forget to backup Registry files first.
Enable or disable Protected Event Logging using Group Policy
To enable or disable Protected Event Logging in Windows 11/10 using Group Policy, follow these steps:
- Press Win+R to open the Run prompt.
- Type mscand hit the Enter button.
- Navigate to Event Logging in Computer Configuration.
- Double-click on the Enable Protected Event Logging
- Choose the Enabled option.
- Enter the encryption certificate.
- Click the OK button.
To learn more about these steps, continue reading.
To get started, you need to open the Local Group Policy Editor first. For that, press Win+R to open the Run prompt, type gpedit.msc, and hit the Enter button.
Once it is opened on your screen, navigate to the following path:
Computer Configuration > Administrative Templates > Windows Components > Event Logging
Here you can find a setting called Enable Protected Event Logging on the right-hand side. You need to double-click on this setting and choose the Enabled option.
Then, enter the encryption key in the respective box and click the OK button.
After that, your log data will be encrypted. In case you want to disable or turn off Protected Event Logging in Windows 11/10, you need to open the same setting in the Local Group Policy Editor and choose the Disabled or Not Configured option.
- Keyboard is locked; How to unlock a Locked Keyboard
- Scroll Bar Missing in Chrome on Win 10 – Get It Back [Partition Magic]
- [Solved] Error 0x80070718, Not enough Quota is available to process this command
- How to Enable or Add Missing Outlook Search Bar | 2021 Guide
- 4 Ways to Fix Windows 11/10 Update Error 0x80240023 [Full Guide] [Partition Magic]
Read also:
Read: Event Log Manager & Event Log Explorer software.
Turn on or off Protected Event Logging using Registry
To turn on or off Protected Event Logging in Windows 11/10 using Registry, follow these steps:
- Press Win+R to display the Run prompt.
- Type regedit > press the Enter button > click the Yes
- Navigate to Windows in HKLM.
- Right-click on Windows > New > Key.
- Name it as EventLog.
- Right-click on EventLog > New > Key.
- Name it as ProtectedEventLogging.
- Right-click on ProtectedEventLogging > New > DWORD (32-bit) Value.
- Set the name as EnableProtectedEventLogging.
- Double-click on it to set the Value data as 1.
- Right-click on ProtectedEventLogging > New > Multi-String Value.
- Name it as EncryptionCertificate.
- Double-click on it to enter the encryption certificate.
- Click the OK button.
- Reboot your computer.
Let’s check out these steps in detail.
Once it is opened, navigate to the following path:
HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows
Double-click on it to set the Value data as 1 and click the OK button.
Double-click on it to enter the encryption certificate.
- TOR browser not opening or working in Windows 11/10
- SysKey – Prevent Windows password cracks
- How to use your laptop as a monitor
- Fix Error performing inpage operation on Windows 11/10
- How to Disable BIOS Cache or Shadowing?
Read more:
Once done, click the OK button and reboot your computer.
If you want to turn off Protected Event Logging using Registry Editor, you need to delete the REG_DWORD value and Multi-String Value.
TIP: Windows Event Viewer Plus is a portable freeware app that lets you view Event Logs faster than the default in-built Windows Event Viewer and also export the Entry to a text file, select the Web Search Button to look up the entry online, to find out more information or troubleshoot errors.
How do I change Event Viewer settings?
You can change the Event Viewer settings for a particular log file by opening its properties. Right-click on the log file you want to change the Event Viewer settings for and select properties. Now, in the properties window, you can change the maximum log size, overwrite events, clear the log manually, etc.
What are the five types of Event Logs?
For your information, there are five different types of Event Logs – Information, Error, Success Audit, Warning, and Failure Audit. You can encrypt all kinds of Event Logs with the help of the aforementioned tutorials. You can follow the REGEDIT or the GPEDIT method to get the job done.
That’s all! Hope this guide helped.
Read: How to clear the Event Log in Windows.
Source: https://www.thewindowsclub.com/enable-or-disable-protected-event-logging-in-windows