Elastic Windows Event Explorer


Publisher - Microsoft-Windows-User Device Registration

Event ID 108

Message:

The NGC container was successfully created. 
User SID: %{UserSid} 
IDP domain: %{IdpDomain} 
Tenant domain: %{TenantDomain} 
Flags: %{Flags}

Event Data:

# Name In Type
Out Type
1 UserSid win:UnicodeString xs:string
2 IdpDomain win:UnicodeString xs:string
3 TenantDomain win:UnicodeString xs:string
4 Flags win:UInt32 xs:unsignedInt

Observed Windows Versions:

Version: 0

Fingerprint: 5SE4VD5MT3C2O