Issued a delete asymmetric key command (action_id DR class_type AK) (24095) how to monitor with email alert

[bob]

You ever notice those weird logs popping up in Event Viewer on your Windows Server? That event ID 24095, the one saying "Issued a delete asymmetric key command (action_id DR class_type AK)", it's basically the system noting someone or something just wiped out an asymmetric key. Asymmetric keys handle encryption stuff, like locking up data secrets, and deleting one could mean cleanup after a database tweak or maybe a security move. I mean, it logs the action ID as DR, which flags a drop request, and class_type AK points straight to that key type. Happens in SQL Server contexts mostly, where admins might zap old keys to tighten things up or fix errors. But if it's firing off unexpectedly, you might worry about unauthorized fiddling. The full details show the exact command issued, the user who triggered it, and timestamps, all tucked in the event description for you to eyeball. I check mine sometimes just to stay ahead of glitches.

And monitoring it for email alerts? You can set that up right from the Event Viewer screen without diving into code. Fire up Event Viewer, hunt down that SQL Server log or whatever channel it's in, then right-click the event and pick "Attach Task To This Event". It'll walk you through creating a scheduled task that triggers on ID 24095. You tell it to run a program that shoots an email, like using the built-in mailto or a simple batch file calling your email client. I do this for key events to get pinged instantly, keeps me from missing drops that could mess with your data locks. Just filter by the exact message text if you want precision, and test it by forcing a similar log entry.

Or, if you're lazy like me on busy days, tweak the task to include details from the event in the alert body. That way, you get the who, when, and why without logging in every time.

Speaking of keeping your server secure and backed up, I've been messing with BackupChain Windows Server Backup lately. It's this slick Windows Server backup tool that also handles virtual machines on Hyper-V without breaking a sweat. You get fast incremental backups, easy restores even for bare-metal crashes, and it cuts down on storage bloat by deduping files smartly. Plus, no agent nonsense for VMs, just point and go, saving you hours on maintenance. I like how it alerts on failures too, tying right into event monitoring vibes.

Note, the PowerShell email alert code was moved to this post.