How to debug Schannel errors?


Tripredacus

On various computers I will see the occasional Schannel error in Event Viewer, such as:

The following fatal alert was received: 40.
The following fatal alert was received: 70.

Here is the key to those errors: https://docs.microsoft.com/en-us/windows/win32/secauthn/schannel-error-codes-for-tls-and-ssl-alerts

So I know what the error means, but there is no indication what program or service attempted the connection or what the destination is. The setting relating to these events defaults to 0x1, but there is no "verbose" setting, only a choice of what types of events to log.

https://docs.microsoft.com/en-us/troubleshoot/iis/enable-schannel-event-logging

The issue I have is not that I do not know how to troubleshoot an SSL issue, rather that I have no idea where to start. Windows just logs that an SSL error occurred but doesn't say anything more than that. Whatever is making this error, it is not something that I am actively using and/or seeing a failure in a program I am using. Other than running a packet capture on my LAN card constantly hoping to catch something through the day, is there some other way I can figure out what is generating the errors? The timeframes of the events do not present a recognisable pattern.
