Elastic Windows Event Explorer


Publisher - Microsoft-Windows-TCPIP

Event ID 1008

Message:

TCP: endpoint (sockaddr=%{LocalAddress}) bound.

Event Data:

#  Name                In Type     Out Type
1  LocalAddressLength  win:UInt32  xs:unsignedInt
2  LocalAddress        win:Binary  win:SocketAddress
3  Status              win:UInt32  win:NTStatus

Observed Windows Versions:

Version: 0

Fingerprint: F5WBTBKJ3SH4O