Elastic Windows Event Explorer


Publisher - Microsoft-Windows-NDIS-PacketCapture

Event ID 1003

Message:

VMSwitch Packet Fragment (%{Fragment} bytes)

Event Data:

# Name In Type
Out Type
1 MiniportIfIndex win:UInt32 xs:unsignedInt
2 LowerIfIndex win:UInt32 xs:unsignedInt
3 SourcePortId win:UInt32 xs:unsignedInt
4 SourcePortName win:UnicodeString xs:string
5 SourceNicName win:UnicodeString xs:string
6 SourceNicType win:UnicodeString xs:string
7 DestinationCount win:UInt32 xs:unsignedInt
8 FragmentSize win:UInt32 xs:unsignedInt
9 Fragment win:Binary xs:hexBinary
10 OOBDataSize win:UInt32 xs:unsignedInt
11 OOBData win:Binary xs:hexBinary

Observed Windows Versions:

Version: 0

Fingerprint: EQQPFLUC25SKC