Elastic Windows Event Explorer


Publisher - Microsoft-Windows-TCPIP

Event ID 1157

Message:

TCP: connection %{Tcb} delivery %{Delivery} indicated %{NumBytes} bytes accepted %{Length} bytes, status = %{RequestStatus}. RcvNxt = %{RcvNxt}.

Event Data:

| # | Name | In Type | Out Type |
|---|------|---------|----------|
| 1 | Tcb | win:Pointer | win:HexInt64 |
| 2 | Delivery | win:Pointer | win:HexInt64 |
| 3 | Request | win:Pointer | win:HexInt64 |
| 4 | NumBytes | win:Pointer | win:HexInt64 |
| 5 | RequestFlags | win:UInt32 | xs:unsignedInt |
| 6 | Length | win:Pointer | win:HexInt64 |
| 7 | RequestStatus | win:UInt32 | win:NTStatus |
| 8 | IsUrgentDelivery | win:UInt32 | xs:unsignedInt |
| 9 | FullySatisfiedORDelayedPush | win:UInt32 | xs:unsignedInt |
| 10 | RcvNxt | win:UInt32 | xs:unsignedInt |

Observed Windows Versions:

Version: 0

Fingerprint: AZS6GRF7JDXRU