Elastic Windows Event Explorer


Publisher - Microsoft-Windows-PDC

Event ID 43

Message:

Suspend/Resume client in process %{Process} (session:%{Session}) at %{Client} (PDC Identifier:%{PdcId}) registered with status: %{Status}

Event Data:

# Name In Type
Out Type
1 Process win:Pointer win:HexInt64
2 Session win:UInt32 win:HexInt32
3 Client win:Pointer win:HexInt64
4 PdcId win:UInt32 win:HexInt32
5 Status win:UInt32 win:HexInt32

Observed Windows Versions:

Version: 0

Fingerprint: 73P52A6KPA62Q