| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| 'instance-00000005' was turned off. (Virtual machine ID 98DA00A4-86CF-43D5-98D6-66D8CC858C5E) | 18502 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 15 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 1872 | 4192 | hv-osbrick-7519 | S-1-5-83-1-2564423844-1138067151-3630618264-1586267596 | 12/22/2020 11:34:26 AM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000005' 9fadd8bb-0917-4b90-87c5-a7a0a17e5df5 (98da00a4-86cf-43d5-98d6-66d8cc858c5e--91fa58c5-dfd0-4e24-ab93-e59590ff8485) Disconnected from virtual network. (Virtual Machine ID 98DA00A4-86CF-43D5-98D6-66D8CC858C5E) | 12598 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 14 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 1872 | 4192 | hv-osbrick-7519 | S-1-5-83-1-2564423844-1138067151-3630618264-1586267596 | 12/22/2020 11:34:26 AM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000006' was turned off. (Virtual machine ID 7710BC71-ED43-4359-8921-BC2F9FB4D6AB) | 18502 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 13 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 4356 | 2600 | hv-osbrick-7519 | S-1-5-83-1-1997585521-1129966915-800858505-2882974879 | 12/22/2020 11:34:16 AM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000006' 6a407a6b-80b2-4606-b571-86881c0335df (7710bc71-ed43-4359-8921-bc2f9fb4d6ab--5202c90f-7ce1-41c3-b218-2f2982a368f1) Disconnected from virtual network. (Virtual Machine ID 7710BC71-ED43-4359-8921-BC2F9FB4D6AB) | 12598 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 12 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4356 | 2600 | hv-osbrick-7519 | S-1-5-83-1-1997585521-1129966915-800858505-2882974879 | 12/22/2020 11:34:16 AM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000006' started successfully. (Virtual machine ID 7710BC71-ED43-4359-8921-BC2F9FB4D6AB) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 11 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 4356 | 4012 | hv-osbrick-7519 | S-1-5-83-1-1997585521-1129966915-800858505-2882974879 | 12/22/2020 11:32:37 AM | 557fa09a-d84e-0001-ceea-7f554ed8d601 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000006' 6a407a6b-80b2-4606-b571-86881c0335df (5202C90F-7CE1-41C3-B218-2F2982A368F1) started successfully. (Virtual Machine ID 7710BC71-ED43-4359-8921-BC2F9FB4D6AB) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 10 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4356 | 4012 | hv-osbrick-7519 | S-1-5-83-1-1997585521-1129966915-800858505-2882974879 | 12/22/2020 11:32:37 AM | 557fa09a-d84e-0001-ceea-7f554ed8d601 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000006' 6a407a6b-80b2-4606-b571-86881c0335df (7710bc71-ed43-4359-8921-bc2f9fb4d6ab--5202c90f-7ce1-41c3-b218-2f2982a368f1) Connected to virtual network. (Virtual Machine ID 7710BC71-ED43-4359-8921-BC2F9FB4D6AB) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 9 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 4356 | 4012 | hv-osbrick-7519 | S-1-5-83-1-1997585521-1129966915-800858505-2882974879 | 12/22/2020 11:32:37 AM | 557fa09a-d84e-0001-ceea-7f554ed8d601 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000005' started successfully. (Virtual machine ID 98DA00A4-86CF-43D5-98D6-66D8CC858C5E) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 8 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 1872 | 1584 | hv-osbrick-7519 | S-1-5-83-1-2564423844-1138067151-3630618264-1586267596 | 12/22/2020 11:30:39 AM | 557fa09a-d84e-0002-a218-80554ed8d601 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000005' 9fadd8bb-0917-4b90-87c5-a7a0a17e5df5 (91FA58C5-DFD0-4E24-AB93-E59590FF8485) started successfully. (Virtual Machine ID 98DA00A4-86CF-43D5-98D6-66D8CC858C5E) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 7 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 1872 | 1584 | hv-osbrick-7519 | S-1-5-83-1-2564423844-1138067151-3630618264-1586267596 | 12/22/2020 11:30:39 AM | 557fa09a-d84e-0002-a218-80554ed8d601 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000005' 9fadd8bb-0917-4b90-87c5-a7a0a17e5df5 (98da00a4-86cf-43d5-98d6-66d8cc858c5e--91fa58c5-dfd0-4e24-ab93-e59590ff8485) Connected to virtual network. (Virtual Machine ID 98DA00A4-86CF-43D5-98D6-66D8CC858C5E) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 6 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 1872 | 1584 | hv-osbrick-7519 | S-1-5-83-1-2564423844-1138067151-3630618264-1586267596 | 12/22/2020 11:30:39 AM | 557fa09a-d84e-0002-a218-80554ed8d601 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000004' was turned off. (Virtual machine ID E17FDF22-D605-4EA5-AF93-7EAF12185FB4) | 18502 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 5 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 880 | 3904 | hv-osbrick-7519 | S-1-5-83-1-3783253794-1319491077-2944308143-3026130962 | 12/22/2020 11:30:18 AM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000004' e31b6931-1b61-4bd8-9287-73a2c46b31cd (e17fdf22-d605-4ea5-af93-7eaf12185fb4--6a535d9f-83e0-489c-a556-6a1ff50273c8) Disconnected from virtual network. (Virtual Machine ID E17FDF22-D605-4EA5-AF93-7EAF12185FB4) | 12598 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 4 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 880 | 3904 | hv-osbrick-7519 | S-1-5-83-1-3783253794-1319491077-2944308143-3026130962 | 12/22/2020 11:30:18 AM | | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000004' started successfully. (Virtual machine ID E17FDF22-D605-4EA5-AF93-7EAF12185FB4) | 18500 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3 | Microsoft-Windows-Hyper-V-Worker | 51ddfa29-d5c8-4803-be4b-2ecb715570fe | Microsoft-Windows-Hyper-V-Worker-Admin | 880 | 5040 | hv-osbrick-7519 | S-1-5-83-1-3783253794-1319491077-2944308143-3026130962 | 12/22/2020 11:28:15 AM | 557fa09a-d84e-0004-3fbd-7f554ed8d601 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000004' e31b6931-1b61-4bd8-9287-73a2c46b31cd (6A535D9F-83E0-489C-A556-6A1FF50273C8) started successfully. (Virtual Machine ID E17FDF22-D605-4EA5-AF93-7EAF12185FB4) | 12582 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 880 | 5040 | hv-osbrick-7519 | S-1-5-83-1-3783253794-1319491077-2944308143-3026130962 | 12/22/2020 11:28:15 AM | 557fa09a-d84e-0004-3fbd-7f554ed8d601 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'instance-00000004' e31b6931-1b61-4bd8-9287-73a2c46b31cd (e17fdf22-d605-4ea5-af93-7eaf12185fb4--6a535d9f-83e0-489c-a556-6a1ff50273c8) Connected to virtual network. (Virtual Machine ID E17FDF22-D605-4EA5-AF93-7EAF12185FB4) | 12597 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 1 | Microsoft-Windows-Hyper-V-SynthNic | c29c4fb7-b60e-4fff-9af9-cf21f9b09a34 | Microsoft-Windows-Hyper-V-Worker-Admin | 880 | 5040 | hv-osbrick-7519 | S-1-5-83-1-3783253794-1319491077-2944308143-3026130962 | 12/22/2020 11:28:15 AM | 557fa09a-d84e-0004-3fbd-7f554ed8d601 | | microsoft-windows-hyper-v-worker-admin | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |