Elastic Windows Event Explorer


Publisher - Microsoft-Windows-WMI-Activity

Event ID 5858

Message:

Id = %{Id}; ClientMachine = %{ClientMachine}; User = %{User}; ClientProcessId = %{ClientProcessId}; Component = %{Component}; Operation = %{Operation}; ResultCode = %{ResultCode}; PossibleCause = %{PossibleCause}

Event Data:

# Name In Type
Out Type
1 Id win:UnicodeString xs:string
2 ClientMachine win:UnicodeString xs:string
3 User win:UnicodeString xs:string
4 ClientProcessId win:UInt32 xs:unsignedInt
5 Component win:UnicodeString xs:string
6 Operation win:UnicodeString xs:string
7 ResultCode win:HexInt32 win:HexInt32
8 PossibleCause win:UnicodeString xs:string

Observed Windows Versions:

Version: 0

Fingerprint: TOSNDRGHZROJI