Elastic Windows Event Explorer

Publisher - Microsoft-Windows-HttpService

Event ID 89

Message:

SNI parsed for connection: %{ConnectionObj} with status: %{Status}

Event Data:

# Name In Type
 Out Type
1 ConnectionObj win:Pointer win:HexInt64
2 Status win:UInt32 win:HexInt32
3 SniLength win:UInt32 xs:unsignedInt
4 SniHost win:Binary xs:hexBinary
5 NormalizedHost win:UnicodeString xs:string

Observed Windows Versions:

Version: 0

Fingerprint: ESBDOFVB7KTSA

Channels | Publishers | Search

© 2025. Elasticsearch B.V. All Rights Reserved | v0.0.5

Search: