Elastic Windows Event Explorer


Publisher - Microsoft-Windows-StorageManagement-PartUtil

Event ID 202 v1

Message:

The partition was created successfully.                    
Function: %{Function}                    
Disk Number: %{DiskNumber}                    
Offset: %{Offset}                    
Size : %{Size}                    
Alignment: %{Alignment}                    
Partition Style: %{PartitionStyle}                    
MbrPartitionType: %{MbrPartitionType}                    
MbrBootIndicator: %{MbrBootIndicator}                    
GptPartitionType: %{GptPartitionType}                    
GptPartitionId: %{GptPartitionId}                    
GptAttributes: %{GptAttributes}                    
GptName: %{GptName}                    
Duration: %{DurationInUs} us

Event Data:

# Name In Type
Out Type
1 Function win:AnsiString xs:string
2 DiskNumber win:UInt32 xs:unsignedInt
3 Offset win:UInt64 xs:unsignedLong
4 Size win:UInt64 xs:unsignedLong
5 Alignment win:UInt32 xs:unsignedInt
6 PartitionStyle win:UInt32 xs:unsignedInt
7 MbrPartitionType win:UInt32 xs:unsignedInt
8 MbrBootIndicator win:UInt32 xs:unsignedInt
9 GptPartitionType win:GUID xs:GUID
10 GptPartitionId win:GUID xs:GUID
11 GptAttributes win:UInt64 xs:unsignedLong
12 GptName win:UnicodeString xs:string
13 DurationInUs win:UInt64 xs:unsignedLong

Observed Windows Versions:

Version: 1

Fingerprint: UUHQSCDNG6LC4