Elastic Windows Event Explorer


Publisher - Microsoft-Windows-WinNat

Event ID 1015

Message:

Static binding %{Action} Status: %{Status}. Internal Source: %{InternalAddr}, External Source: %{ExternalAddr}, Protocol: %{TransportProtocol}

Event Data:

# Name In Type
Out Type
1 InternalAddrLen win:UInt32 xs:unsignedInt
2 InternalAddr win:Binary win:SocketAddress
3 ExternalAddrLen win:UInt32 xs:unsignedInt
4 ExternalAddr win:Binary win:SocketAddress
5 TransportProtocol win:UInt32 xs:unsignedInt
6 Action win:UInt32 xs:unsignedInt
7 Status win:UInt32 win:NTStatus

Observed Windows Versions:

Version: 0

Fingerprint: TZ3BJYCHTWJG2