TLS Cipher Suites / Windows Schannel logging

If you are trying to validate which TLS cipher suites are being used by a Microsoft Windows system, these resources might be helpful:

Packet captures can be helpful as well, but maybe you are trying to determine which cipher suite is in use based on the four-digit representation that Schannel logging writes to the Event Viewer. First, here is the list of all TLS cipher suites and their four-digit representations:

https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml

Next, to view TLS information, you must enable Schannel logging to a sufficient level:

https://learn.microsoft.com/en-US/troubleshoot/developer/webapps/iis/health-diagnostic-performance/enable-schannel-event-logging

The resulting output will be shown in the System Event log:

Now, which cipher suite is in use? You might be used to seeing a full description like this:

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

So which cipher suite is 0xC030? Reference the above IANA link, and match the values:
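The matching step above can be scripted. The following is an added example, not code from the original page: the IANA registry writes each suite as two bytes (`0xC0,0x30`) while the log shows one value (`0xC030`), so the script normalizes both to a 16-bit number before looking up the name. The registry excerpt and event lines are constructed samples, and the `CipherSuite:` label and the zero-padding of short values are assumptions about the log text.

```python
import csv
import io
import re

# Constructed excerpt in the column layout of the IANA "TLS Cipher Suites" CSV.
# For real use, load the current CSV from the IANA page linked above.
IANA_CSV = '''Value,Description,DTLS-OK,Recommended,Reference
"0x00,0x1C-1D",Reserved to avoid conflicts with SSLv3,,,[RFC5246]
"0x00,0x9D",TLS_RSA_WITH_AES_256_GCM_SHA384,Y,N,[RFC5288]
"0x13,0x02",TLS_AES_256_GCM_SHA384,Y,Y,[RFC8446]
"0xC0,0x30",TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,Y,Y,[RFC5289]
'''

# Constructed sample lines; the "CipherSuite:" label is an assumption about
# how the event text is worded on your system.
SAMPLE_EVENTS = [
    "Protocol: TLS 1.2 CipherSuite: 0xC030 Exchange strength: 384",
    "Protocol: TLS 1.2 CipherSuite: 0x9D Exchange strength: 2048",
    "Protocol: TLS 1.3 CipherSuite: 0x1302 Exchange strength: 255",
    "Protocol: TLS 1.2 CipherSuite: 0xFFFF Exchange strength: 0",
]

PAIR = re.compile(r"0x([0-9A-Fa-f]{2}),0x([0-9A-Fa-f]{2})")
LOGGED = re.compile(r"Cipher\s*Suite:\s*0x([0-9A-Fa-f]{1,4})\b")

def load_registry(csv_text):
    """Map the 16-bit code point to the suite name, skipping range rows."""
    table = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        m = PAIR.fullmatch(row["Value"].strip())
        if m:  # rows such as "0x00,0x1C-1D" are ranges, not single suites
            table[int(m.group(1) + m.group(2), 16)] = row["Description"]
    return table

def suite_from_event(message, table):
    """Return (normalized hex, IANA name or None), or None if no value found."""
    m = LOGGED.search(message)
    if not m:
        return None
    code = int(m.group(1), 16)  # 0x9D and 0x009D resolve to the same suite
    return f"0x{code:04X}", table.get(code)

def resolve_all(messages=SAMPLE_EVENTS, csv_text=IANA_CSV):
    table = load_registry(csv_text)
    return [suite_from_event(msg, table) for msg in messages]

if __name__ == "__main__":
    for hex_value, name in resolve_all():
        print(hex_value, name or "not in registry excerpt")
```

A value that resolves to no name (the `0xFFFF` sample) means the suite is outside the loaded excerpt, so check it against the full registry before drawing conclusions.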