Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Kernel-Memory

Event ID 5 v1

Message:



Event Data:

# Name In Type
Out Type
1 ProcessId win:UInt32 xs:unsignedInt
2 Status win:HexInt32 win:HexInt32
3 PagesProcessed win:Pointer win:HexInt64
4 WriteCombinePagesProcessed win:Pointer win:HexInt64
5 UncachedPagesProcessed win:Pointer win:HexInt64
6 CleanPagesProcessed win:Pointer win:HexInt64

Observed Windows Versions:

Version: 1

Fingerprint: ZURBSHG2XQH5O