Elastic Windows Event Explorer


Publisher - Microsoft-Windows-DotNETRuntimeRundown

Event ID 143 v2

Message:

MethodID=%{MethodID};
ModuleID=%{ModuleID};
MethodStartAddress=%{MethodStartAddress};
MethodSize=%{MethodSize};
MethodToken=%{MethodToken};
MethodFlags=%{MethodFlags};
MethodNamespace=%{MethodNamespace};
MethodName=%{MethodName};
MethodSignature=%{MethodSignature};
ClrInstanceID=%{ClrInstanceID};
ReJITID=%{ReJITID}

Event Data:

# Name In Type
Out Type
1 MethodID win:UInt64 win:HexInt64
2 ModuleID win:UInt64 win:HexInt64
3 MethodStartAddress win:UInt64 win:HexInt64
4 MethodSize win:UInt32 win:HexInt32
5 MethodToken win:UInt32 win:HexInt32
6 MethodFlags win:UInt32 xs:unsignedInt
7 MethodNamespace win:UnicodeString xs:string
8 MethodName win:UnicodeString xs:string
9 MethodSignature win:UnicodeString xs:string
10 ClrInstanceID win:UInt16 xs:unsignedShort
11 ReJITID win:UInt64 win:HexInt64

Observed Windows Versions:

Version: 2

Fingerprint: LKIOY4I7IIYK6