Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Deplorch

Event ID 2001

Message:

Running user-provided script: "%{CommandLine}".

Event Data:

# Name In Type
Out Type
1 CommandLine win:UnicodeString xs:string

Observed Windows Versions:

Version: 0

Fingerprint: QSMFSL64G4IKW