Hi,
while mapping Windows Event ID 7045 I'm missing some fields in Class Application Lifecycle (6002).
For example:
What are the chances of changing the schema for this?
Sample Data:
```xml
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7045</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2024-08-20T09:24:18.547844000Z" />
    <EventRecordID>7783</EventRecordID>
    <Correlation />
    <Execution ProcessID="600" ThreadID="5016" />
    <Channel>System</Channel>
    <Computer>foobar.windomain.local</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data Name="ServiceName">GoogleUpdater Service 129.0.6651.0 (GoogleUpdaterService129.0.6651.0)</Data>
    <Data Name="ImagePath">"C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe" --system --windows-service --service=update</Data>
    <Data Name="ServiceType">user mode service</Data>
    <Data Name="StartType">auto start</Data>
    <Data Name="AccountName">LocalSystem</Data>
  </EventData>
</Event>
```
Regards, Hendrik
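An added example, not part of the original issue and not the schema project's own code: parsing the 7045 event above and carrying its `EventData` fields into a class 6002 record. The `activity_id`, `app.name` and `device.hostname` placements, the use of `unmapped` for the remaining fields, and the function names are assumptions for illustration; the embedded XML is a trimmed, constructed copy of the posted event.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed sample: trimmed copy of the event posted in the issue.
SAMPLE_7045 = r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <EventID Qualifiers="16384">7045</EventID>
    <TimeCreated SystemTime="2024-08-20T09:24:18.547844000Z" />
    <Computer>foobar.windomain.local</Computer>
  </System>
  <EventData>
    <Data Name="ServiceName">GoogleUpdater Service 129.0.6651.0 (GoogleUpdaterService129.0.6651.0)</Data>
    <Data Name="ImagePath">"C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe" --system --windows-service --service=update</Data>
    <Data Name="ServiceType">user mode service</Data>
    <Data Name="StartType">auto start</Data>
    <Data Name="AccountName">LocalSystem</Data>
  </EventData>
</Event>"""


def to_epoch_ms(system_time):
    # SystemTime carries nine fractional digits; keep millisecond precision.
    head, _, frac = system_time.rstrip("Z").partition(".")
    dt = datetime.strptime(head, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)
    return int(dt.timestamp()) * 1000 + int((frac or "0")[:3].ljust(3, "0"))


def map_7045(xml_text):
    # For XML from untrusted sources, parse with a hardened parser instead.
    root = ET.fromstring(xml_text)
    if root.findtext("e:System/e:EventID", namespaces=NS) != "7045":
        raise ValueError("not a Service Control Manager 7045 event")
    data = {d.get("Name"): (d.text or "") for d in root.iterfind("e:EventData/e:Data", NS)}
    created = root.find("e:System/e:TimeCreated", NS).get("SystemTime")
    return {
        "class_uid": 6002,   # Application Lifecycle, as named in the issue
        "activity_id": 1,    # assumption: service creation treated as Install
        "time": to_epoch_ms(created),
        "device": {"hostname": root.findtext("e:System/e:Computer", namespaces=NS)},
        "app": {"name": data.pop("ServiceName", "")},  # assumed target attribute
        "unmapped": data,    # everything without an assumed target is kept here
    }


if __name__ == "__main__":
    import json
    print(json.dumps(map_7045(SAMPLE_7045), indent=2))
```

Keeping `ImagePath`, `ServiceType`, `StartType` and `AccountName` under `unmapped` preserves them for detection queries until dedicated attributes exist.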