Elastic Windows Event Explorer


Publisher - Microsoft-Windows-User Device Registration

Event ID 376

Message:

The FIDO credential was successfully created. 
UPN: %{UPN} 
Credential display name: %{KeyDisplayName} 
User display name: %{UserDisplayName} 
User image URL: %{UserImageUrl} 
Key algorithm: %{KeyAlgorithm} 
Auth token: %{AuthToken} 
Request ID: %{RequestId} 
Flags: %{Flags}

Event Data:

# Name In Type
Out Type
1 UPN win:UnicodeString xs:string
2 KeyDisplayName win:UnicodeString xs:string
3 UserDisplayName win:UnicodeString xs:string
4 UserImageUrl win:UnicodeString xs:string
5 KeyAlgorithm win:UnicodeString xs:string
6 AuthToken win:UnicodeString xs:string
7 RequestId win:UnicodeString xs:string
8 Flags win:UInt32 xs:unsignedInt
9 PinStatus win:UInt32 xs:unsignedInt
10 PinRetries win:UInt32 xs:unsignedInt

Observed Windows Versions:

Version: 0

Fingerprint: DNSGYMEHESWOS