CertificateServicesClient-CertEnroll events filling event logs of Terminal Servers

We're encountering THOUSANDS of CertificateServicesClient-CertEnroll 64 & 65 events per day on our terminal servers (XenApp).

SURE, we can filter the view, but the massive number of routine events is filling the logs and kicking out more worthwhile events.  SURE, we could increase the size of the logs, but that would be a waste of space and lead to sluggish performance when viewing or filter logs.

Same issue described at http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/c1684a47-b1e7-46ae-a365-c776203892a2/

Anyone have any thoughts on disabling these two events?
FCOASystems AdminAsked:
Who is Participating?
 
FCOAConnect With a Mentor Systems AdminAuthor Commented:
Bump!
0
 
FCOASystems AdminAuthor Commented:
PS- Incase anyone wants it, here's the XML to filter these events from the log:

<QueryList>
  <Query Id="0" Path="Application">
    <Select Path="Application">*</Select>
    <Suppress Path="Application">*[System[Provider[@Name='Microsoft-Windows-CertificateServicesClient-CertEnroll'] and ( (EventID &gt;= 64 and EventID &lt;= 65) )]]</Suppress>
  </Query>
</QueryList>
0
 
FCOASystems AdminAuthor Commented:
No answer found.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.