Elastic Windows Event Explorer


Publisher - Microsoft-Windows-CodeIntegrity

Event ID 3092

Message:

Code Integrity testing module %{FileName} against policy %{PolicyName}. Status %{StatusCode}

Event Data:

# Name In Type
Out Type
1 FileNameLength win:UInt16 xs:unsignedShort
2 FileName win:UnicodeString xs:string
3 StatusCode win:HexInt32 win:NTStatus
4 ManagedInstallerEnabled win:Boolean xs:boolean
5 PassesManagedInstaller win:Boolean xs:boolean
6 SmartlockerEnabled win:Boolean xs:boolean
7 PassesSmartlocker win:Boolean xs:boolean
8 DefenderTrust win:Int32 xs:int
9 AuditEnabled win:Boolean xs:boolean
10 PolicyNameLength win:UInt16 xs:unsignedShort
11 PolicyName win:UnicodeString xs:string
12 PolicyIDLength win:UInt16 xs:unsignedShort
13 PolicyID win:UnicodeString xs:string

Observed Windows Versions:

Version: 0

Fingerprint: YCIEUPQHKBLMK