Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Kernel-Registry

Event ID 1

Message:



Event Data:

# Name In Type Out Type
1 BaseObject win:Pointer win:HexInt64
2 KeyObject win:Pointer win:HexInt64
3 Status win:UInt32 win:HexInt32
4 Disposition win:UInt32 xs:unsignedInt
5 BaseName win:UnicodeString xs:string
6 RelativeName win:UnicodeString xs:string

Observed Windows Versions:

Version: 0

Fingerprint: CKXNJMYVMXV6I