Elastic Windows Event Explorer


Publisher - Microsoft-Windows-ProcessStateManager

Event ID 100

Message:



Event Data:

# Name In Type
Out Type
1 ApplicationId win:UInt64 xs:unsignedLong
2 SessionId win:UInt32 xs:unsignedInt
3 PsmKey win:UnicodeString xs:string
4 OldState win:UInt32 xs:unsignedInt
5 NewState win:UInt32 xs:unsignedInt
6 MixedWorkItems win:UInt32 xs:unsignedInt
7 PureWorkItems win:UInt32 xs:unsignedInt
8 SystemWorkItems win:UInt32 xs:unsignedInt
9 Flags win:UInt32 win:HexInt32
10 CycleTime win:UInt64 xs:unsignedLong
11 NetworkTokens win:UInt64 xs:unsignedLong

Observed Windows Versions:

Version: 0

Fingerprint: DOOGW5PAB2UAI