Elastic Windows Event Explorer


Publisher - Microsoft-Windows-WinNat

Event ID 1026

Message:

NAT instance %{InstanceName}: external address %{IPAddress}:%{PortStart}-%{PortEnd}

Event Data:

# Name In Type
Out Type
1 InstanceName win:UnicodeString xs:string
2 AddressLength win:UInt32 xs:unsignedInt
3 IPAddress win:Binary win:SocketAddress
4 PortStart win:UInt16 xs:unsignedShort
5 PortEnd win:UInt16 xs:unsignedShort

Observed Windows Versions:

Version: 0

Fingerprint: ZOU7VNWKO55YU