Elastic Windows Event Explorer


Publisher - Microsoft-Windows-DotNETRuntime

Event ID 138

Message:

MethodID=%{MethodID};
ModuleID=%{ModuleID};
MethodStartAddress=%{MethodStartAddress};
MethodSize=%{MethodSize};
MethodToken=%{MethodToken};
MethodFlags=%{MethodFlags}

Event Data:

# Name In Type
Out Type
1 MethodID win:UInt64 win:HexInt64
2 ModuleID win:UInt64 win:HexInt64
3 MethodStartAddress win:UInt64 win:HexInt64
4 MethodSize win:UInt32 win:HexInt32
5 MethodToken win:UInt32 win:HexInt32
6 MethodFlags win:UInt32 xs:unsignedInt

Observed Windows Versions:

Version: 0

Fingerprint: TSWPAGG6DMN3O