Elastic Windows Event Explorer


Publisher - Microsoft-Windows-TerminalServices-SessionBroker-Client

Event ID 1301

Message:

Remote Desktop Connection Broker Client received request for redirection. 
User : %{param1}\%{param2} 
RDP Client Version : %{param3}

Event Data:

# Name In Type
Out Type
1 param1 win:UnicodeString xs:string
2 param2 win:UnicodeString xs:string
3 param3 win:Int32 xs:int

Observed Windows Versions:

Version: 0

Fingerprint: GSOGQRQI5QHUC