| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| 'instance-00000007' started successfully. (Virtual machine ID E3F0A56B-A612-4435-9A93-C86C6413C5A6) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 19 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 1104 | 1236 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-3824199019-1144366610-1825084314-2797933412 | 2/28/2022 7:18:35 PM | 2cad4c65-2cd7-0003-c66b-ae2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000007' 000a4e13-5e69-4a3a-bac5-f95813f0f26f (D313DFF0-FC46-4D1F-80AA-E1F8EF7D030E) started successfully. (Virtual Machine ID E3F0A56B-A612-4435-9A93-C86C6413C5A6) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 18 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 1104 | 1236 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-3824199019-1144366610-1825084314-2797933412 | 2/28/2022 7:18:35 PM | 2cad4c65-2cd7-0003-c66b-ae2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000007' 000a4e13-5e69-4a3a-bac5-f95813f0f26f (e3f0a56b-a612-4435-9a93-c86c6413c5a6--d313dff0-fc46-4d1f-80aa-e1f8ef7d030e) Connected to virtual network. (Virtual Machine ID E3F0A56B-A612-4435-9A93-C86C6413C5A6) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 17 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 1104 | 1236 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-3824199019-1144366610-1825084314-2797933412 | 2/28/2022 7:18:35 PM | 2cad4c65-2cd7-0003-c66b-ae2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000002' was turned off. (Virtual machine ID 51F4E6EA-9E5F-41DB-84BA-36AACCCEADFF) | 18502 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 16 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 4744 | 4604 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-1375004394-1104911967-2855713412-4289580748 | 2/28/2022 7:18:25 PM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000002' fed6a57b-d225-4471-a89a-3f3ea00dde3f (51f4e6ea-9e5f-41db-84ba-36aaccceadff--6ce44791-facd-4ee4-9b9b-17fa5558e923) Disconnected from virtual network. (Virtual Machine ID 51F4E6EA-9E5F-41DB-84BA-36AACCCEADFF) | 12598 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 15 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4744 | 4604 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-1375004394-1104911967-2855713412-4289580748 | 2/28/2022 7:18:25 PM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000004' 384919d3-8800-4f56-bb39-3779c8a13821 (B41B30F2-3796-489A-9577-34113DD2C4FF) started successfully. (Virtual Machine ID CBF5866B-6892-481E-9A61-B51DEECE7D6C) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 14 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 828 | 2944 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-3421865579-1209952402-498426266-1820184302 | 2/28/2022 7:18:03 PM | 2cad4c65-2cd7-0003-7b37-ae2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000004' 384919d3-8800-4f56-bb39-3779c8a13821 (cbf5866b-6892-481e-9a61-b51deece7d6c--b41b30f2-3796-489a-9577-34113dd2c4ff) Connected to virtual network. (Virtual Machine ID CBF5866B-6892-481E-9A61-B51DEECE7D6C) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 13 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 828 | 2944 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-3421865579-1209952402-498426266-1820184302 | 2/28/2022 7:18:03 PM | 2cad4c65-2cd7-0003-7b37-ae2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000003' a8af0b9c-89e9-472e-8bf9-2ef25826a397 (bc7a9ef6-01f7-4273-bf91-ff15b70887b3--72d530a1-fd9e-4427-a2e1-0a24be7a5c6d) Disconnected from virtual network. (Virtual Machine ID BC7A9EF6-01F7-4273-BF91-FF15B70887B3) | 12598 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 12 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4480 | 4440 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-3162152694-1114833399-369070527-3011971255 | 2/28/2022 7:17:59 PM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000005' was turned off. (Virtual machine ID 658C6033-E437-49AE-B123-CFA4CC81DD00) | 18502 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 11 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 5012 | 4952 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-1703698483-1236198455-2765038513-14516684 | 2/28/2022 7:17:56 PM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000005' 9616454c-3a57-469e-b2f6-a0193509605a (658c6033-e437-49ae-b123-cfa4cc81dd00--057156e1-74a2-4066-9ac8-f88532e25082) Disconnected from virtual network. (Virtual Machine ID 658C6033-E437-49AE-B123-CFA4CC81DD00) | 12598 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 10 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 5012 | 4952 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-1703698483-1236198455-2765038513-14516684 | 2/28/2022 7:17:56 PM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000005' started successfully. (Virtual machine ID 658C6033-E437-49AE-B123-CFA4CC81DD00) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 9 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 5012 | 4948 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-1703698483-1236198455-2765038513-14516684 | 2/28/2022 7:17:51 PM | 2cad4c65-2cd7-0003-1986-ad2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000005' 9616454c-3a57-469e-b2f6-a0193509605a (057156E1-74A2-4066-9AC8-F88532E25082) started successfully. (Virtual Machine ID 658C6033-E437-49AE-B123-CFA4CC81DD00) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 8 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 5012 | 4948 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-1703698483-1236198455-2765038513-14516684 | 2/28/2022 7:17:51 PM | 2cad4c65-2cd7-0003-1986-ad2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000005' 9616454c-3a57-469e-b2f6-a0193509605a (658c6033-e437-49ae-b123-cfa4cc81dd00--057156e1-74a2-4066-9ac8-f88532e25082) Connected to virtual network. (Virtual Machine ID 658C6033-E437-49AE-B123-CFA4CC81DD00) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 7 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 5012 | 4948 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-1703698483-1236198455-2765038513-14516684 | 2/28/2022 7:17:51 PM | 2cad4c65-2cd7-0003-1986-ad2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000003' started successfully. (Virtual machine ID BC7A9EF6-01F7-4273-BF91-FF15B70887B3) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 6 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 4480 | 4472 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-3162152694-1114833399-369070527-3011971255 | 2/28/2022 7:17:44 PM | 2cad4c65-2cd7-0001-6c4f-ad2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000003' a8af0b9c-89e9-472e-8bf9-2ef25826a397 (72D530A1-FD9E-4427-A2E1-0A24BE7A5C6D) started successfully. (Virtual Machine ID BC7A9EF6-01F7-4273-BF91-FF15B70887B3) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 5 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4480 | 4472 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-3162152694-1114833399-369070527-3011971255 | 2/28/2022 7:17:44 PM | 2cad4c65-2cd7-0001-6c4f-ad2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000003' a8af0b9c-89e9-472e-8bf9-2ef25826a397 (bc7a9ef6-01f7-4273-bf91-ff15b70887b3--72d530a1-fd9e-4427-a2e1-0a24be7a5c6d) Connected to virtual network. (Virtual Machine ID BC7A9EF6-01F7-4273-BF91-FF15B70887B3) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 4 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4480 | 4472 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-3162152694-1114833399-369070527-3011971255 | 2/28/2022 7:17:44 PM | 2cad4c65-2cd7-0001-6c4f-ad2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000002' started successfully. (Virtual machine ID 51F4E6EA-9E5F-41DB-84BA-36AACCCEADFF) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 4744 | 4604 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-1375004394-1104911967-2855713412-4289580748 | 2/28/2022 7:17:43 PM | 2cad4c65-2cd7-0001-654f-ad2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000002' fed6a57b-d225-4471-a89a-3f3ea00dde3f (6CE44791-FACD-4EE4-9B9B-17FA5558E923) started successfully. (Virtual Machine ID 51F4E6EA-9E5F-41DB-84BA-36AACCCEADFF) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4744 | 4604 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-1375004394-1104911967-2855713412-4289580748 | 2/28/2022 7:17:43 PM | 2cad4c65-2cd7-0001-654f-ad2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000002' fed6a57b-d225-4471-a89a-3f3ea00dde3f (51f4e6ea-9e5f-41db-84ba-36aaccceadff--6ce44791-facd-4ee4-9b9b-17fa5558e923) Connected to virtual network. (Virtual Machine ID 51F4E6EA-9E5F-41DB-84BA-36AACCCEADFF) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 1 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4744 | 4604 | n-h2-831219-5.cbci-831219-5.local | S-1-5-83-1-1375004394-1104911967-2855713412-4289580748 | 2/28/2022 7:17:43 PM | 2cad4c65-2cd7-0001-654f-ad2cd72cd801 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |