Elastic Windows Event Explorer


Publisher - Microsoft-Windows-WinNat

Event ID 1013

Message:

Address pool %{Action} Status: %{Status}. Instance: %{InstanceName}, Address: %{Address}, StartingPort: %{StartingPort}, EndingPort: %{EndingPort}, InterfaceLuid: %{InterfaceLuid} 

Event Data:

# Name In Type
Out Type
1 InstanceName win:UnicodeString xs:string
2 Address win:UInt32 win:IPv4
3 StartingPort win:UInt16 xs:unsignedShort
4 EndingPort win:UInt16 xs:unsignedShort
5 InterfaceLuid win:UInt64 xs:unsignedLong
6 Action win:UInt32 xs:unsignedInt
7 Status win:UInt32 win:NTStatus

Observed Windows Versions:

Version: 0

Fingerprint: UNGVYVOQZG3XG