Elastic Windows Event Explorer


Publisher - Microsoft-Windows-Remotefs-Rdbss

Event ID 30011

Message:

Cc write request: RxContext %{RxContext} FileObject %{FileObject}

Event Data:

# Name In Type
Out Type
1 RxContext win:Pointer win:HexInt64
2 FileObject win:Pointer win:HexInt64

Observed Windows Versions:

Version: 0

Fingerprint: P2FYFZYL2EPCO