Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Bits-Client

Event ID 5 v1

Message:

Job cancelled. User: %{Id}, job: %{Title}, jobID: %{Owner}, owner: %{User}, filecount: %{processId}

Event Data:

# Name In Type
Out Type
1 Id win:GUID xs:GUID
2 Title win:UnicodeString xs:string
3 Owner win:UnicodeString xs:string
4 User win:UnicodeString xs:string
5 processId win:UInt32 xs:unsignedInt
6 ClientProcessStartKey win:UInt64 xs:unsignedLong

Observed Windows Versions:

Version: 1

Fingerprint: TYTXXYJJIP4VW