Microsoft-Windows-ShieldedVM-ProvisioningSecureProcess
102 events across 2 channels
Event ID 1 — Provisioning Secure Process created
Event ID 1 —
Description
Provisioning Secure Process created.
Fields #
| Name | Description |
|---|---|
NtStatus UInt32 | — |
Event ID 2 — Provisioning Secure Process could not initialize based on the command line arguments
Event ID 2 —
Description
Provisioning Secure Process could not initialize based on the command line arguments.
Fields #
| Name | Description |
|---|---|
NtStatus UInt32 | — |
Event ID 3 — Provisioning Secure Process is closing
Event ID 3 —
Description
Provisioning Secure Process is closing.
Fields #
| Name | Description |
|---|---|
NtStatus UInt32 | — |
Event ID 4 — Provisioning Secure Process argument was TemplateNameFound.
Event ID 4 —
Description
Provisioning Secure Process argument was.
Fields #
| Name | Description |
|---|---|
TemplateNameFound UnicodeString | — |
Event ID 5 — Provisioning Secure Process was not provided the expected argument and will exit
Event ID 5 —
Description
Provisioning Secure Process was not provided the expected argument and will exit.
Fields #
| Name | Description |
|---|---|
NtStatus UInt32 | — |
Event ID 6 — Provisioning Secure Process was not provided the expected argument and will exit
Event ID 6 —
Description
Provisioning Secure Process was not provided the expected argument and will exit.
Fields #
| Name | Description |
|---|---|
TemplateNameFound UnicodeString | — |
Event ID 7 — Provisioning Secure Process parsed the command line arguments as MachineID.
Event ID 7 —
Description
Provisioning Secure Process parsed the command line arguments as.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 8 — Provisioning Secure Process could not set the trustlet identity and must exit
Event ID 8 —
Description
Provisioning Secure Process could not set the trustlet identity and must exit.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 9 — Provisioning Secure Process could not initialize the remote TPM assets and must exit
Event ID 9 —
Description
Provisioning Secure Process could not initialize the remote TPM assets and must exit.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 10 — Provisioning Secure Process could not initialize the RPC server
Event ID 10 —
Description
Provisioning Secure Process could not initialize the RPC server.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 11 — Provisioning Secure Process could not register with the RPC server
Event ID 11 —
Description
Provisioning Secure Process could not register with the RPC server.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 12 — Provisioning Secure Process transitioned to state EndState.
Event ID 12 —
Description
Provisioning Secure Process transitioned to state.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
TransitionTime FILETIME | — |
ValidStartState Boolean | — |
StartState UInt8 | — |
EndState UInt8 | — |
Event ID 13 — Provisioning Secure Process transitioned to state EndState.
Event ID 13 —
Description
Provisioning Secure Process transitioned to state.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
TransitionTime FILETIME | — |
ValidStartState Boolean | — |
StartState UInt8 | — |
EndState UInt8 | — |
ActionPriority UInt32 | — |
ActionStartingState UInt8 | — |
ActionNewState UInt8 | — |
ActionType UInt8 | — |
Event ID 14 — Provisioning Secure Process is not running within IUM.
Event ID 14 —
Description
Provisioning Secure Process is not running within IUM. This degrades security.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 15 — Provisioning Secure Process received a message from source SourceGroup of length Length.
Event ID 15 —
Description
Provisioning Secure Process received a message from source of length .
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
SourceGroup UInt8 | — |
Length UInt32 | — |
Event ID 16 — Provisioning Secure Process received a request for the PDK.
Event ID 16 —
Description
Provisioning Secure Process received a request for the PDK.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 17 — Provisioning Secure Process is sending the PDK to the provisioning agent.
Event ID 17 —
Description
Provisioning Secure Process is sending the PDK to the provisioning agent.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 18 — Provisioning Secure Process has sent the encrypted PDK to the virtual machine.
Event ID 18 —
Description
Provisioning Secure Process has sent the encrypted PDK to the virtual machine.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 19 — Provisioning Secure Process received a PDK that was invalid or could not be decrypted.
Event ID 19 —
Description
Provisioning Secure Process received a PDK that was invalid or could not be decrypted.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 20 — Provisioning Secure Process encountered an error while processing the EFI database.
Event ID 20 —
Description
Provisioning Secure Process encountered an error while processing the EFI database.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 21 — Provisioning Secure Process encountered an error while generating the server key and cannot continue.
Event ID 21 —
Description
Provisioning Secure Process encountered an error while generating the server key and cannot continue.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 22 — Provisioning Secure Process encountered an error while extending the Secure Boot PCR and cannot continue.
Event ID 22 —
Description
Provisioning Secure Process encountered an error while extending the Secure Boot PCR and cannot continue.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 23 — Provisioning Secure Process encountered an error while extending the Boot Lock PCR and cannot continue.
Event ID 23 —
Description
Provisioning Secure Process encountered an error while extending the Boot Lock PCR and cannot continue.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 24 — Provisioning Secure Process encountered an error while accessing secure storage and cannot continue.
Event ID 24 —
Description
Provisioning Secure Process encountered an error while accessing secure storage and cannot continue.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 25 — Provisioning Secure Process encountered an error while working with the remote TPM and cannot continue.
Event ID 25 —
Description
Provisioning Secure Process encountered an error while working with the remote TPM and cannot continue.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 26 — Provisioning Secure Process encountered an error while working with the remote RTPM key and cannot authenticate the PDK.
Event ID 26 —
Description
Provisioning Secure Process encountered an error while working with the remote RTPM key and cannot authenticate the PDK.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 27 — Provisioning Secure Process encountered an error while attempting miniature attestation.
Event ID 27 —
Description
Provisioning Secure Process encountered an error while attempting miniature attestation.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 28 — Provisioning Secure Process encountered an error while creating and sending the provisioning message to the provisioning agent.
Event ID 28 —
Description
Provisioning Secure Process encountered an error while creating and sending the provisioning message to the provisioning agent.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 29 — Provisioning Secure Process could not collect necessary security info from the secure kernel.
Event ID 29 —
Description
Provisioning Secure Process could not collect necessary security info from the secure kernel.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 30 — Provisioning Secure Process is populating the boot authority information from the template.
Event ID 30 —
Description
Provisioning Secure Process is populating the boot authority information from the template.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 31 — Provisioning Secure Process will allow the UEFI certificate authority for this boot.
Event ID 31 —
Description
Provisioning Secure Process will allow the UEFI certificate authority for this boot.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 32 — Provisioning Secure Process attestation error - PCR PcrIndex, error DiagnosticEventId.
Description
Provisioning Secure Process attestation error - PCR PcrIndex, error DiagnosticEventId.
Message #
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
PcrIndex UInt32 | — |
DiagnosticEventId UInt32 | — |
Name UnicodeString | — |
AuthoritativeEventOrder UInt32 | — |
AuthoritativeEventLength UInt32 | — |
AuthoritativeEvent Binary | — |
AttestationEventOrder UInt32 | — |
AttestationEventLength UInt32 | — |
AttestationEvent Binary | — |
Event ID 32 —
Description
Provisioning Secure Process attestation error - PCR , error.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
PcrIndex UInt32 | — |
DiagnosticEventId UInt32 | — |
Name UnicodeString | — |
AuthoritativeEventOrder UInt32 | — |
AuthoritativeEventLength UInt32 | — |
AuthoritativeEvent Binary | — |
AttestationEventOrder UInt32 | — |
AttestationEventLength UInt32 | — |
AttestationEvent Binary | — |
Event ID 33 — Provisioning Secure Process received a PDK that was invalid or could not be decrypted (payload included)
Event ID 33 —
Description
Provisioning Secure Process received a PDK that was invalid or could not be decrypted (payload included).
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
BlobSize UInt32 | — |
Blob Binary | — |
Event ID 34 — Provisioning Secure Process received a message from NMPS that was invalid or could not be interpreted
Event ID 34 —
Description
Provisioning Secure Process received a message from NMPS that was invalid or could not be interpreted.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 35 — Provisioning Secure Process received a message from NMPS that was invalid or could not be interpreted (payload included)
Event ID 35 —
Description
Provisioning Secure Process received a message from NMPS that was invalid or could not be interpreted (payload included).
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
BlobSize UInt32 | — |
Blob Binary | — |
Event ID 36 — Provisioning Secure Process received a message that was invalid or could not be interpreted
Event ID 36 —
Description
Provisioning Secure Process received a message that was invalid or could not be interpreted.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 37 — Provisioning Secure Process received a message that was invalid or could not be interpreted (payload included)
Event ID 37 —
Description
Provisioning Secure Process received a message that was invalid or could not be interpreted (payload included).
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
BlobSize UInt32 | — |
Blob Binary | — |
Event ID 38 — Provisioning Secure Process is starting the version negotiation with the provisioning agent
Event ID 38 —
Description
Provisioning Secure Process is starting the version negotiation with the provisioning agent.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 39 — Provisioning Secure Process received version information from the provisioning agent
Description
Provisioning Secure Process received version information from the provisioning agent.
Message #
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
VersionNegotiationVersion UInt8 | — |
DeclaredVersionMajor UInt16 | — |
DeclaredVersionMinor UInt16 | — |
DeclaredVersionBuild UInt16 | — |
DeclaredVersionRelease UInt16 | — |
DeclaredVersionLogicalMajor UInt8 | — |
DeclaredVersionLogicalMinor UInt8 | — |
AcceptableVersionStartMajor UInt8 | — |
AcceptableVersionStartMinor UInt8 | — |
Event ID 39 —
Description
Provisioning Secure Process received version information from the provisioning agent.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
VersionNegotiationVersion UInt8 | — |
DeclaredVersionMajor UInt16 | — |
DeclaredVersionMinor UInt16 | — |
DeclaredVersionBuild UInt16 | — |
DeclaredVersionRelease UInt16 | — |
DeclaredVersionLogicalMajor UInt8 | — |
DeclaredVersionLogicalMinor UInt8 | — |
AcceptableVersionStartMajor UInt8 | — |
AcceptableVersionStartMinor UInt8 | — |
Event ID 40 — Provisioning Secure Process declared version information
Event ID 40 —
Description
Provisioning Secure Process declared version information.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
DeclaredVersionMajor UInt16 | — |
DeclaredVersionMinor UInt16 | — |
DeclaredVersionBuild UInt16 | — |
DeclaredVersionRelease UInt16 | — |
DeclaredVersionLogicalMajor UInt8 | — |
DeclaredVersionLogicalMinor UInt8 | — |
Event ID 41 — Provisioning Secure Process finished negotiating the protocol version
Event ID 41 —
Description
Provisioning Secure Process finished negotiating the protocol version.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 42 — Provisioning Secure Process accepted a protocol version for communication
Event ID 42 —
Description
Provisioning Secure Process accepted a protocol version for communication.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
AcceptedVersionStartMajor UInt8 | — |
AcceptedVersionStartMinor UInt8 | — |
Event ID 43 — Provisioning Secuity Process failed to predict the UEFI Secure Boot variables from the launch authority returned from attestation
Event ID 43 —
Description
Provisioning Secuity Process failed to predict the UEFI Secure Boot variables from the launch authority returned from attestation.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 44 — Provisioning Secuity Process detected a mismatched UEFI db variable on the target and is prevented from adopting this value by policy
Event ID 44 —
Description
Provisioning Secuity Process detected a mismatched UEFI db variable on the target and is prevented from adopting this value by policy.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 45 — Provisioning Secuity Process detected a mismatched UEFI dbx variable on the target and is prevented from adopting this value by policy
Event ID 45 —
Description
Provisioning Secuity Process detected a mismatched UEFI dbx variable on the target and is prevented from adopting this value by policy.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 46 — Provisioning Secuity Process failed to match the target machine UEFI Secure Boot configuration
Event ID 46 —
Description
Provisioning Secuity Process failed to match the target machine UEFI Secure Boot configuration.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
NtStatus UInt32 | — |
Event ID 47 — Provisioning Secuity Process failed to validate the target BootOS Provisioning Agent scenario ID and version
Event ID 47 —
Description
Provisioning Secuity Process failed to validate the target BootOS Provisioning Agent scenario ID and version.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 48 — Provisioning Secuity Process has failed to verify the target machine so no Machine Key will be produced, provisioning will fail
Event ID 48 —
Description
Provisioning Secuity Process has failed to verify the target machine so no Machine Key will be produced, provisioning will fail.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 49 — The PDK decypted by PSP does not contain an RRK and therefore no VMRK will be generated
Event ID 49 —
Description
The PDK decypted by PSP does not contain an RRK and therefore no VMRK will be generated.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 50 — The PDK decypted by PSP contains an RRK and a VMRK has been generated
Event ID 50 —
Description
The PDK decypted by PSP contains an RRK and a VMRK has been generated.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |
Event ID 51 — Processing the RRK failed
Event ID 51 —
Description
Processing the RRK failed.
Fields #
| Name | Description |
|---|---|
MachineID GUID | — |