Elastic Windows Event Explorer


Publisher - Microsoft-Windows-WinNat

Event ID 1023 v1

Message:

%{InstanceType} NAT %{InstanceName}, Prefix %{AddressPrefix}/%{PrefixLength} RoutingDomainId %{InternalRoutingDomainId} (CompartmentId %{CompartmentId}), external interface index %{ExternalInterfaceIndex}

Event Data:

# Name In Type
Out Type
1 InstanceName win:UnicodeString xs:string
2 InternalRoutingDomainId win:GUID xs:GUID
3 PrefixLength win:UInt32 xs:unsignedInt
4 AddressPrefix win:UInt32 win:IPv4
5 CompartmentId win:UInt32 xs:unsignedInt
6 ExternalInterfaceIndex win:UInt32 xs:unsignedInt
7 UdpIdleSessionTimeout win:UInt32 xs:unsignedInt
8 TcpTransientConnectionTimeout win:UInt32 xs:unsignedInt
9 TcpEstablishedConnectionTimeout win:UInt32 xs:unsignedInt
10 IcmpQueryTimeout win:UInt32 xs:unsignedInt
11 TcpFilteringBehavior win:UInt32 xs:unsignedInt
12 UdpFilteringBehavior win:UInt32 xs:unsignedInt
13 UdpInboundRefresh win:Boolean xs:boolean
14 InstanceType win:UInt32 xs:unsignedInt

Observed Windows Versions:

Version: 1

Fingerprint: GW5ZP4K2NMC6G