Elastic Windows Event Explorer


Publisher - Microsoft-Windows-WMI-Activity

Event ID 14

Message:

OperationId = %{OperationId}; Operation = %{Operation}; Channel = %{Channel}; Message = %{Message}

Event Data:

# Name In Type
Out Type
1 OperationId win:UInt32 xs:unsignedInt
2 Operation win:UnicodeString xs:string
3 Channel win:UInt32 xs:unsignedInt
4 Message win:UnicodeString xs:string

Observed Windows Versions:

Version: 0

Fingerprint: KBIBUG6KVYMSM