| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| 'instance-00000008' started successfully. (Virtual machine ID 00A61024-83E6-489C-993A-55EFD463D9B8) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 20 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 4880 | 4176 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-10883108-1218216934-4015340185-3101254612 | 2/28/2022 7:18:51 PM | 2f116b47-2cd7-0002-7e7a-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000008' a8639967-5353-478f-9177-47db8d6b3ca7 (70265ED7-FD59-4C70-8B4C-A01339204429) started successfully. (Virtual Machine ID 00A61024-83E6-489C-993A-55EFD463D9B8) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 19 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4880 | 4176 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-10883108-1218216934-4015340185-3101254612 | 2/28/2022 7:18:51 PM | 2f116b47-2cd7-0002-7e7a-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000008' a8639967-5353-478f-9177-47db8d6b3ca7 (00a61024-83e6-489c-993a-55efd463d9b8--70265ed7-fd59-4c70-8b4c-a01339204429) Connected to virtual network. (Virtual Machine ID 00A61024-83E6-489C-993A-55EFD463D9B8) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 18 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4880 | 4176 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-10883108-1218216934-4015340185-3101254612 | 2/28/2022 7:18:51 PM | 2f116b47-2cd7-0002-7e7a-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000009' started successfully. (Virtual machine ID 1DECB0B0-DCE6-48BE-A509-9920C4EF7C43) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 17 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 4780 | 3996 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-502050992-1220467942-546900389-1132261316 | 2/28/2022 7:18:51 PM | 2f116b47-2cd7-0002-507a-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000009' f9b38e50-0561-4ef5-8dbf-389a043f0408 (A5E60FA5-7225-4435-821F-AA98E13A1BEF) started successfully. (Virtual Machine ID 1DECB0B0-DCE6-48BE-A509-9920C4EF7C43) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 16 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4780 | 3996 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-502050992-1220467942-546900389-1132261316 | 2/28/2022 7:18:51 PM | 2f116b47-2cd7-0002-507a-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000009' f9b38e50-0561-4ef5-8dbf-389a043f0408 (1decb0b0-dce6-48be-a509-9920c4ef7c43--a5e60fa5-7225-4435-821f-aa98e13a1bef) Connected to virtual network. (Virtual Machine ID 1DECB0B0-DCE6-48BE-A509-9920C4EF7C43) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 15 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4780 | 3996 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-502050992-1220467942-546900389-1132261316 | 2/28/2022 7:18:51 PM | 2f116b47-2cd7-0002-507a-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000006' started successfully. (Virtual machine ID D865AEF6-147F-48F1-A7D2-9B61469DB760) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 14 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 4892 | 4012 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-3630542582-1223758975-1637601959-1622646086 | 2/28/2022 7:18:49 PM | 2f116b47-2cd7-0001-6b9b-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000006' e2eae6a1-11e6-4ff9-8736-5c7da795c183 (B527B4FD-0CB4-41EB-AC40-76410A40086A) started successfully. (Virtual Machine ID D865AEF6-147F-48F1-A7D2-9B61469DB760) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 13 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4892 | 4012 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-3630542582-1223758975-1637601959-1622646086 | 2/28/2022 7:18:49 PM | 2f116b47-2cd7-0001-6b9b-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000006' e2eae6a1-11e6-4ff9-8736-5c7da795c183 (d865aef6-147f-48f1-a7d2-9b61469db760--b527b4fd-0cb4-41eb-ac40-76410a40086a) Connected to virtual network. (Virtual Machine ID D865AEF6-147F-48F1-A7D2-9B61469DB760) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 12 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4892 | 4012 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-3630542582-1223758975-1637601959-1622646086 | 2/28/2022 7:18:49 PM | 2f116b47-2cd7-0001-6b9b-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000004' 384919d3-8800-4f56-bb39-3779c8a13821 (cbf5866b-6892-481e-9a61-b51deece7d6c--b41b30f2-3796-489a-9577-34113dd2c4ff) Disconnected from virtual network. (Virtual Machine ID CBF5866B-6892-481E-9A61-B51DEECE7D6C) | 12598 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 11 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 2868 | 4484 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-3421865579-1209952402-498426266-1820184302 | 2/28/2022 7:18:02 PM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000003' a8af0b9c-89e9-472e-8bf9-2ef25826a397 (72D530A1-FD9E-4427-A2E1-0A24BE7A5C6D) started successfully. (Virtual Machine ID BC7A9EF6-01F7-4273-BF91-FF15B70887B3) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 10 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 3976 | 4216 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-3162152694-1114833399-369070527-3011971255 | 2/28/2022 7:18:01 PM | 2f116b47-2cd7-0000-9a78-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000003' a8af0b9c-89e9-472e-8bf9-2ef25826a397 (bc7a9ef6-01f7-4273-bf91-ff15b70887b3--72d530a1-fd9e-4427-a2e1-0a24be7a5c6d) Connected to virtual network. (Virtual Machine ID BC7A9EF6-01F7-4273-BF91-FF15B70887B3) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 9 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 3976 | 4216 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-3162152694-1114833399-369070527-3011971255 | 2/28/2022 7:18:01 PM | 2f116b47-2cd7-0000-9a78-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000004' started successfully. (Virtual machine ID CBF5866B-6892-481E-9A61-B51DEECE7D6C) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 8 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 2868 | 4360 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-3421865579-1209952402-498426266-1820184302 | 2/28/2022 7:17:48 PM | 2f116b47-2cd7-0002-1d72-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000004' 384919d3-8800-4f56-bb39-3779c8a13821 (B41B30F2-3796-489A-9577-34113DD2C4FF) started successfully. (Virtual Machine ID CBF5866B-6892-481E-9A61-B51DEECE7D6C) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 7 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 2868 | 4360 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-3421865579-1209952402-498426266-1820184302 | 2/28/2022 7:17:48 PM | 2f116b47-2cd7-0002-1d72-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000004' 384919d3-8800-4f56-bb39-3779c8a13821 (cbf5866b-6892-481e-9a61-b51deece7d6c--b41b30f2-3796-489a-9577-34113dd2c4ff) Connected to virtual network. (Virtual Machine ID CBF5866B-6892-481E-9A61-B51DEECE7D6C) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 6 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 2868 | 4360 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-3421865579-1209952402-498426266-1820184302 | 2/28/2022 7:17:48 PM | 2f116b47-2cd7-0002-1d72-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000001' was turned off. (Virtual machine ID 7B99F557-C53E-4AB7-AC20-2252CE398130) | 18502 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 5 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 2832 | 3840 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-2073687383-1253557566-1377968300-813775310 | 2/28/2022 7:17:38 PM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000001' 763413ab-e2b9-4a2d-be61-7524ecf7be6a (7b99f557-c53e-4ab7-ac20-2252ce398130--87afcb7e-2f62-4fa3-82a4-603357ba1a00) Disconnected from virtual network. (Virtual Machine ID 7B99F557-C53E-4AB7-AC20-2252CE398130) | 12598 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 4 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 2832 | 3840 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-2073687383-1253557566-1377968300-813775310 | 2/28/2022 7:17:38 PM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000001' started successfully. (Virtual machine ID 7B99F557-C53E-4AB7-AC20-2252CE398130) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 2832 | 3620 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-2073687383-1253557566-1377968300-813775310 | 2/28/2022 7:17:31 PM | 2f116b47-2cd7-0004-a96d-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000001' 763413ab-e2b9-4a2d-be61-7524ecf7be6a (87AFCB7E-2F62-4FA3-82A4-603357BA1A00) started successfully. (Virtual Machine ID 7B99F557-C53E-4AB7-AC20-2252CE398130) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 2832 | 3620 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-2073687383-1253557566-1377968300-813775310 | 2/28/2022 7:17:31 PM | 2f116b47-2cd7-0004-a96d-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000001' 763413ab-e2b9-4a2d-be61-7524ecf7be6a (7b99f557-c53e-4ab7-ac20-2252ce398130--87afcb7e-2f62-4fa3-82a4-603357ba1a00) Connected to virtual network. (Virtual Machine ID 7B99F557-C53E-4AB7-AC20-2252CE398130) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 1 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 2832 | 3620 | n-h1-831219-5.cbci-831219-5.local | S-1-5-83-1-2073687383-1253557566-1377968300-813775310 | 2/28/2022 7:17:31 PM | 2f116b47-2cd7-0004-a96d-112fd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |