Elastic Windows Event Explorer

Publisher - Microsoft-Windows-NetworkProvider

Event ID 1009


Unable to parse UNC Hardening Configuration Entry: Unable to parse string.

UNC Path: %{UncPath}

UNC Hardening Configuration: %{UncHardeningConfiguration}

Expected Token: %{ExpectedToken}

Found Token: %{FoundToken}

Guidance: The UNC Hardening configuration for the path contains invalid syntax and may be ignored. The value found token was parsed as an string, but was not terminated or exceeded the maximum allowable string length.

For details on configuring Windows computers to require additional security when accessing specific UNC paths, visit http://support.microsoft.com/kb/3000483.

Event Data:

# Name In Type
Out Type
1 UncPathLength win:UInt16 xs:unsignedShort
2 UncPath win:UnicodeString xs:string
3 UncHardeningConfigurationLength win:UInt32 xs:unsignedInt
4 UncHardeningConfiguration win:UnicodeString xs:string
5 ExpectedToken win:UInt32 xs:unsignedInt
6 FoundTokenLength win:UInt16 xs:unsignedShort
7 FoundToken win:UnicodeString xs:string

Observed Windows Versions:

Version: 0

Fingerprint: MCT7J6SJIVMEY