Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Kernel-Memory

Event ID 1 v1

Message:



Event Data:

# Name In Type
Out Type
1 PriorityLevels win:UInt8 xs:unsignedByte
2 ZeroPageCount win:Pointer win:HexInt64
3 FreePageCount win:Pointer win:HexInt64
4 ModifiedPageCount win:Pointer win:HexInt64
5 ModifiedNoWritePageCount win:Pointer win:HexInt64
6 BadPageCount win:Pointer win:HexInt64
7 StandbyPageCounts win:Pointer win:HexInt64
8 RepurposedPageCounts win:Pointer win:HexInt64
9 ModifiedPageCountPageFile win:Pointer win:HexInt64
10 PagedPoolPageCount win:Pointer win:HexInt64
11 NonPagedPoolPageCount win:Pointer win:HexInt64
12 MdlPageCount win:Pointer win:HexInt64
13 CommitPageCount win:Pointer win:HexInt64

Observed Windows Versions:

Version: 1

Fingerprint: L6TU7FJPVUOQK