I need to check which encryption level is being used for a Windows Remote Desktop session. I found this question, which shows how to enable logging that shows the client handshake and level of encryption. However, I noticed that this type of event seems to occur all the time on the host computer, even when I am not attempting to RDP into it. This makes it difficult to tell which events are generated from a Remote Desktop client connection attempt. Is there a way to identify the events being generated by an RDP connection so that I can tell what level of encryption is being agreed upon and used for the RDP session? (Alternatively, is there another way to check the encryption level for an RDP session?)
The host is Windows 7 Pro. The clients are varied.
