Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Kernel-File

Event ID 32 v1

Message:



Event Data:

#  Name              In Type      Out Type
1  Irp               win:Pointer  win:HexInt64
2  FileObject        win:Pointer  win:HexInt64
3  FileKey           win:Pointer  win:HexInt64
4  ExtraInformation  win:Pointer  win:HexInt64
5  IssuingThreadId   win:UInt32   xs:unsignedInt
6  InfoClass         win:UInt32   xs:unsignedInt

Observed Windows Versions:

Version: 1

Fingerprint: 2IZOC2KLJ6XF6