Microsoft-Antimalware-RTP

29 events across 1 channel

Event ID	Title	Channel
1		Application
2		Application
3		Application
4		Application
5		Application
6		Application
7		Application
8		Application
9		Application
10		Application
11		Application
12		Application
13		Application
14		Application
15		Application
16		Application
17		Application
18		Application
19		Application
20		Application
21		Application
22		Application
23		Application
24		Application
25		Application
26		Application
27		Application
28		Application
29		Application

Event ID 1 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 2 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 3 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 4 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 5 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 6 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 7 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 8 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 9 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 10 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 11 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 12 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 13 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 14 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`File`	—

Event ID 15 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`File`	—

Event ID 16 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`File`	—

Event ID 17 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`File`	—

Event ID 18 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 19 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 20 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 21 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Event ID 22 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`Description`	—
`PreviousValue`	—
`IntendedValueOrHResult`	—
`LatestValue`	—

Event ID 23 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`Operation`	—
`SubOperation`	—
`AccessCheck`	—

Event ID 24 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`Operation`	—
`SubOperation`	—
`AccessCheck`	—

Event ID 25 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`Timestamp`	—
`ActionType`	—
`Access`	—
`Policy`	—
`MachineName`	—
`MediaName`	—
`ClassName`	—
`ClassGuid`	—
`UserName`	—
`VendorId`	—
`ProductId`	—
`DeviceId`	—
`InstanceId`	—
`SerialNumber`	—
`BusType`	—
`FilePath`	—
`FileSize`	—
`Tag`	—
`DomainAuthenticatedNetworkPresent`	—
`ActiveVPNConnections`	—
`ProcessImageName`	—
`PolicyId`	—
`AccessChainRuleIds`	—
`AccessChainRuleEntryIds`	—
`PrinterPortName`	—

Event ID 26 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`Timestamp`	—
`Policy`	—
`PolicyRuleId`	—
`DuplicatedOperation`	—
`MachineName`	—
`UserName`	—
`ClassName`	—
`MediaName`	—
`InstanceId`	—
`SerialNumber`	—
`VendorId`	—
`ProductId`	—
`DeviceFilePath`	—
`EvidenceFileSize`	—
`EvidenceFileLocation`	—
`Tag`	—

Event ID 27 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`FileName`	—
`ScanReason`	—
`FileId`	—
`USN`	—
`RtpScanResult`	—
`RtpScanAction`	—
`DoNotCache`	—
`Flags`	—
`ScanResult`	—
`hr`	—

Event ID 28 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`Timestamp`	—
`CurrentGrantedAccess`	—
`MaximumPossibleGrantedAccess`	—
`CurrentDeniedAccess`	—
`MinimumGuaranteedDeniedAccess`	—
`MachineName`	—
`UserName`	—
`ClassName`	—
`MediaName`	—
`BusType`	—
`DeviceId`	—
`InstanceId`	—
`SerialNumber`	—
`VendorId`	—
`ProductId`	—
`DomainAuthenticatedNetworkPresent`	—
`ActiveVPNConnections`	—
`ActiveNetworks`	—
`DevicePolicyGroupMembership`	—

Event ID 29 —

Provider: Microsoft-Antimalware-RTP
Channel: Application

Fields

Name	Description
`Timestamp`	—
`State`	—