Elastic Windows Event Explorer


Publisher - Microsoft-Windows-WinRM

Event ID 193

Message:

Request for user %{param1} (%{param2}) will be executed using WinRM virtual account %{param3} (%{param4})

Event Data:

# Name In Type
Out Type
1 param1 win:UnicodeString xs:string
2 param2 win:UnicodeString xs:string
3 param3 win:UnicodeString xs:string
4 param4 win:UnicodeString xs:string

Observed Windows Versions:

Version: 0

Fingerprint: XPYY554B2OFKI