Elastic Windows Event Explorer


Publisher - Microsoft-Windows-WMI-Activity

Event ID 2

Message:

ProviderInfo for GroupOperationId = %{GroupOperationId}; Operation = %{Operation}; ProviderName = %{ProviderName}; ProviderGuid = %{ProviderGuid}; Path = %{Path}

Event Data:

#  Name              In Type            Out Type
1  GroupOperationId  win:UInt32         xs:unsignedInt
2  Operation         win:UnicodeString  xs:string
3  ProviderName      win:UnicodeString  xs:string
4  ProviderGuid      win:UnicodeString  xs:string
5  Path              win:UnicodeString  xs:string

Observed Windows Versions:

Version: 0

Fingerprint: 7YHKOBYTBWGK2