My Event Log (Windows API) sensors fail after installing Windows updates. What can I do?

Modified on 2025-06-10 11:12:30 +0200

After installing the latest Windows updates, my Event Log (Windows API) sensors do not work with error messages:

"Access Denied, Code:5, or 1314 a required privilege is not held by the client."

Workaround for the Event Log (Windows API) sensor issue

Event Log (Windows API) sensors might not work anymore after Windows updates of June 2021 because of security hardening changes for the Event Tracing for Windows (ETW) that relate to the security vulnerability issue CVE-2021-31958. For more information on this issue, see https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31958.

The Event Log (Windows API) sensor will be deprecated. Please use the WMI Event Log sensor instead, which provides the same functionalities.

Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.

Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.

My Event Log (Windows API) sensors fail after installing Windows updates. What can I do?

After installing the latest Windows updates, my Event Log (Windows API) sensors do not work with error messages:

"Access Denied, Code:5, or 1314 a required privilege is not held by the client."

Workaround for the Event Log (Windows API) sensor issue

Search

Tags

Related Articles