Elastic Windows Event Explorer


Publisher - Microsoft-Windows-WinNat

Event ID 1014

Message:

Address %{Action} notification. Address: %{Address}, InterfaceLuid: %{InterfaceLuid} 

Event Data:

# Name In Type
Out Type
1 InstanceName win:UnicodeString xs:string
2 Address win:UInt32 win:IPv4
3 StartingPort win:UInt16 xs:unsignedShort
4 EndingPort win:UInt16 xs:unsignedShort
5 InterfaceLuid win:UInt64 xs:unsignedLong
6 Action win:UInt32 xs:unsignedInt
7 Status win:UInt32 win:NTStatus

Observed Windows Versions:

Version: 0

Fingerprint: 3KMYGUVWYSNDG