Message	Id	Level	Task	Keywords	RecordId	ProviderName	ProviderId	LogName	ProcessId	ThreadId	MachineName	UserId	TimeCreated	ActivityId	ContainerLog	MatchedQueryIds	Bookmark	LevelDisplayName	OpcodeDisplayName	TaskDisplayName	KeywordsDisplayNames	Properties
DPAPI created Master key. GUID: {C64C5D2A-6580-42AE-9DF4-AD41A2105BBF} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\User\	1	4	2	-9223372036854775806	8	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	820	856	WIN-5T344G8GM1H	S-1-5-18	7/15/2021 6:36:11 PM	2db39180-79a8-0005-8491-b32da879d701	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {BC389290-9795-43B2-B99B-D6D6CDA00930} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	7	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	820	856	WIN-5T344G8GM1H	S-1-5-18	7/15/2021 6:36:11 PM	2db39180-79a8-0005-8491-b32da879d701	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {EB9E412B-8124-40EA-963B-D92A14E0FD57} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	6	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	820	856	WIN-5T344G8GM1H	S-1-5-18	7/15/2021 6:35:49 PM	2db39180-79a8-0005-8491-b32da879d701	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {C7198921-60F0-4D6D-9A49-A14367A7A880} User Storage Area: C:\Users\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-416071247-492812682-1642729393-500\	1	4	2	-9223372036854775806	5	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	640	680	WIN-5T344G8GM1H	S-1-5-18	1/16/2018 5:02:22 PM	a4626349-8ea8-0000-df63-62a4a88ed301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {D3ECD52C-2D44-4F3C-8C05-9CCDC4E9B585} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\User\	1	4	2	-9223372036854775806	4	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	744	WIN-PD8DQPRRTAO	S-1-5-18	1/16/2018 5:01:29 PM	60e27e42-8f3f-0003-7a7e-e2603f8fd301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {1D7DC317-5487-4EE6-8BF8-0102D0030E5B} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	3	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	744	WIN-PD8DQPRRTAO	S-1-5-18	1/16/2018 5:01:29 PM	60e27e42-8f3f-0003-7a7e-e2603f8fd301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {CB844988-F947-47BF-A007-354E50218147} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	2	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	748	WIN-PD8DQPRRTAO	S-1-5-18	1/17/2018 3:01:05 AM	60e27e42-8f3f-0003-7a7e-e2603f8fd301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {1F2DBBD5-4949-4E62-8FD1-B624A8CE2C1B} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\User\	1	4	2	-9223372036854775806	1	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	716	WIN-PD8DQPRRTAO	S-1-5-18	1/17/2018 3:01:05 AM		microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]