| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| [1ABD695F-46F1-41B5-BEF6-615BA5E0EF89] Query compute system notification, result 0x00000000, notification 2 / 0x00000000 | 2008 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 25 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:58 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [1ABD695F-46F1-41B5-BEF6-615BA5E0EF89] Create compute system, result 0xC0370103 | 2000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 24 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:58 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [1ABD695F-46F1-41B5-BEF6-615BA5E0EF89] Queue system notification: 2 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 23 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:58 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [1ABD695F-46F1-41B5-BEF6-615BA5E0EF89] Create Virtual Machine | 2014 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 22 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:58 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [B14D243B-82CA-4C28-898F-198C424F7DF7] Query compute system notification, result 0x00000000, notification 2 / 0x00000000 | 2008 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 21 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:55 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [B14D243B-82CA-4C28-898F-198C424F7DF7] Create compute system, result 0xC0370103 | 2000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 20 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:55 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [B14D243B-82CA-4C28-898F-198C424F7DF7] Queue system notification: 2 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 19 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:55 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [B14D243B-82CA-4C28-898F-198C424F7DF7] Create Virtual Machine | 2014 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 18 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:55 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [4AEE1162-1451-4D27-91B6-A7C1E047A415] Query compute system notification, result 0x00000000, notification 2 / 0x00000000 | 2008 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 17 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:54 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [4AEE1162-1451-4D27-91B6-A7C1E047A415] Create compute system, result 0xC0370103 | 2000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 16 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:54 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [4AEE1162-1451-4D27-91B6-A7C1E047A415] Queue system notification: 2 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 15 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:54 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [4AEE1162-1451-4D27-91B6-A7C1E047A415] Create Virtual Machine | 2014 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 14 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:54 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [9C3169A6-7285-4F1C-9BC3-3EB44AD15B84] Query compute system notification, result 0x00000000, notification 2 / 0x00000000 | 2008 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 13 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:52 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [9C3169A6-7285-4F1C-9BC3-3EB44AD15B84] Create compute system, result 0xC0370103 | 2000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 12 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:52 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [9C3169A6-7285-4F1C-9BC3-3EB44AD15B84] Queue system notification: 2 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 11 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:52 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [9C3169A6-7285-4F1C-9BC3-3EB44AD15B84] Create Virtual Machine | 2014 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 10 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:52 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [4851B8AE-534A-4BB7-96D4-4F7C4AC437AE] Query compute system notification, result 0x00000000, notification 2 / 0x00000000 | 2008 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 9 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:48 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [4851B8AE-534A-4BB7-96D4-4F7C4AC437AE] Create compute system, result 0xC0370103 | 2000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 8 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:48 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [4851B8AE-534A-4BB7-96D4-4F7C4AC437AE] Queue system notification: 2 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 7 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:48 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [4851B8AE-534A-4BB7-96D4-4F7C4AC437AE] Create Virtual Machine | 2014 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 6 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2996 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 1:16:47 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Host Compute Service is starting. | 1000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 5 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2232 | 2448 | hv-cinder-85226 | S-1-5-18 | 8/8/2022 12:13:29 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Host Compute Service is starting. | 1000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 4 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2644 | 2680 | WIN-5T344G8GM1H | S-1-5-18 | 8/8/2022 12:11:36 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Host Compute Service is starting. | 1000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 3 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2948 | 2972 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:41:31 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Host Compute Service is starting. | 1000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2928 | 2952 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:27:17 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Host Compute Service is starting. | 1000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 1 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2692 | 2132 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:26:53 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |