| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| [E3F0A56B-A612-4435-9A93-C86C6413C5A6] Query compute system notification, result 0x00000000, notification 2 / 0x00000000 | 2008 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 29 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:18:35 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [E3F0A56B-A612-4435-9A93-C86C6413C5A6] Create compute system, result 0xC0370103 | 2000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 28 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:18:35 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [E3F0A56B-A612-4435-9A93-C86C6413C5A6] Queue system notification: 2 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 27 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:18:35 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [E3F0A56B-A612-4435-9A93-C86C6413C5A6] Create Virtual Machine | 2014 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 26 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:18:35 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [51F4E6EA-9E5F-41DB-84BA-36AACCCEADFF] Queue system notification: 1 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 25 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:18:25 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [BC7A9EF6-01F7-4273-BF91-FF15B70887B3] Queue system notification: 1 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 24 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3344 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:18:01 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [CBF5866B-6892-481E-9A61-B51DEECE7D6C] Query compute system notification, result 0x00000000, notification 2 / 0x00000000 | 2008 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 23 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:18:01 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [CBF5866B-6892-481E-9A61-B51DEECE7D6C] Create compute system, result 0xC0370103 | 2000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 22 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:18:01 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [CBF5866B-6892-481E-9A61-B51DEECE7D6C] Queue system notification: 2 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 21 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:18:01 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [CBF5866B-6892-481E-9A61-B51DEECE7D6C] Create Virtual Machine | 2014 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 20 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:18:01 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [658C6033-E437-49AE-B123-CFA4CC81DD00] Queue system notification: 1 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 19 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:56 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [658C6033-E437-49AE-B123-CFA4CC81DD00] Query compute system notification, result 0x00000000, notification 2 / 0x00000000 | 2008 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 18 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:51 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [658C6033-E437-49AE-B123-CFA4CC81DD00] Create compute system, result 0xC0370103 | 2000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 17 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:51 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [658C6033-E437-49AE-B123-CFA4CC81DD00] Queue system notification: 2 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 16 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:51 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [658C6033-E437-49AE-B123-CFA4CC81DD00] Create Virtual Machine | 2014 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 15 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:51 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [BC7A9EF6-01F7-4273-BF91-FF15B70887B3] Query compute system notification, result 0x00000000, notification 2 / 0x00000000 | 2008 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 14 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:44 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [BC7A9EF6-01F7-4273-BF91-FF15B70887B3] Create compute system, result 0xC0370103 | 2000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 13 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:44 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [BC7A9EF6-01F7-4273-BF91-FF15B70887B3] Queue system notification: 2 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 12 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:44 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [BC7A9EF6-01F7-4273-BF91-FF15B70887B3] Create Virtual Machine | 2014 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 11 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:44 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [51F4E6EA-9E5F-41DB-84BA-36AACCCEADFF] Query compute system notification, result 0x00000000, notification 2 / 0x00000000 | 2008 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 10 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:43 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [51F4E6EA-9E5F-41DB-84BA-36AACCCEADFF] Create compute system, result 0xC0370103 | 2000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 9 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:43 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [51F4E6EA-9E5F-41DB-84BA-36AACCCEADFF] Queue system notification: 2 / 0x00000000 | 2009 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 8 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:43 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| [51F4E6EA-9E5F-41DB-84BA-36AACCCEADFF] Create Virtual Machine | 2014 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 7 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3348 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:17:42 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Host Compute Service is starting. | 1000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 6 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 3264 | 3300 | n-h2-831219-5.cbci-831219-5.local | S-1-5-18 | 2/28/2022 7:13:03 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Host Compute Service is starting. | 1000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 5 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2248 | 2504 | n-h2-831219-5 | S-1-5-18 | 2/28/2022 6:32:11 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Host Compute Service is starting. | 1000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 4 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2660 | 2680 | WIN-5T344G8GM1H | S-1-5-18 | 2/28/2022 6:30:42 PM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Host Compute Service is starting. | 1000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 3 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2948 | 2972 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:41:31 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Host Compute Service is starting. | 1000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2928 | 2952 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:27:17 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Host Compute Service is starting. | 1000 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 1 | Microsoft-Windows-Hyper-V-Compute | 17103e3f-3c6e-4677-bb17-3b267eb5be57 | Microsoft-Windows-Hyper-V-Compute-Operational | 2692 | 2132 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:26:53 AM | | | microsoft-windows-hyper-v-compute-operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |