Elastic Windows Event Explorer


Publisher - Microsoft-Windows-WinNat

Event ID 1006 v1

Message:

%{TransportProtocol} binding created. Internal transport addr: %{InternalAddr} (CompartmentId %{InternalCompartmentId}), External transport addr %{ExternalAddr}, SessionCount: %{SessionCount}, Configured: %{Configured}

Event Data:

# Name In Type
Out Type
1 InternalAddrLen win:UInt32 xs:unsignedInt
2 InternalAddr win:Binary win:SocketAddress
3 ExternalAddrLen win:UInt32 xs:unsignedInt
4 ExternalAddr win:Binary win:SocketAddress
5 TransportProtocol win:UInt32 xs:unsignedInt
6 SessionCount win:UInt32 xs:unsignedInt
7 Configured win:Boolean xs:boolean
8 InternalCompartmentId win:UInt32 xs:unsignedInt

Observed Windows Versions:

Version: 1

Fingerprint: A3GY24647CNN6