Elastic Windows Event Explorer


Publisher - Microsoft-Windows-DotNETRuntime

Event ID 140

Message:

MethodID=%{MethodID};
ModuleID=%{ModuleID};
MethodStartAddress=%{MethodStartAddress};
MethodSize=%{MethodSize};
MethodToken=%{MethodToken};
MethodFlags=%{MethodFlags};
MethodNamespace=%{MethodNamespace};
MethodName=%{MethodName};
MethodSignature=%{MethodSignature}

Event Data:

# Name In Type
Out Type
1 MethodID win:UInt64 win:HexInt64
2 ModuleID win:UInt64 win:HexInt64
3 MethodStartAddress win:UInt64 win:HexInt64
4 MethodSize win:UInt32 win:HexInt32
5 MethodToken win:UInt32 win:HexInt32
6 MethodFlags win:UInt32 xs:unsignedInt
7 MethodNamespace win:UnicodeString xs:string
8 MethodName win:UnicodeString xs:string
9 MethodSignature win:UnicodeString xs:string

Observed Windows Versions:

Version: 0

Fingerprint: CWSSE2UWVCZLA