Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Remotefs-Rdbss

Event ID 30009

Message:

Cc read request: RxContext %{RxContext} FileObject %{FileObject}

Event Data:

# Name In Type
Out Type
1 RxContext win:Pointer win:HexInt64
2 FileObject win:Pointer win:HexInt64

Observed Windows Versions:

Version: 0

Fingerprint: I4AQJPIOM3TYQ