Elastic Windows Event Explorer


Publisher - Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider

Event ID 815

Message:

MDM PolicyManager: Set policy binary, Policy: (%{Message1}), Area: (%{Message2}), EnrollmentID requesting merge: (%{Message3}), Current User: (%{Message4}), Enrollment Type: (%{HexInt1}), Scope: (%{HexInt2}).

Event Data:

# Name In Type
Out Type
1 Message1 win:UnicodeString xs:string
2 Message2 win:UnicodeString xs:string
3 Message3 win:UnicodeString xs:string
4 Message4 win:UnicodeString xs:string
5 HexInt1 win:HexInt32 win:HexInt32
6 HexInt2 win:HexInt32 win:HexInt32

Observed Windows Versions:

Version: 0

Fingerprint: CWUSZDET5Y3ES