Microsoft-Windows-AIT

7 events across 1 channel

Event ID	Title	Channel
1		Operational
2		Operational
3		Operational
4		Operational
5		Operational
6		Operational
7		Operational

Event ID 1 —

Provider: Microsoft-Windows-AIT
Channel: Operational
Task: AitFeature

Fields #

Name	Description
`FeatureGuid` GUID	—
`ApplicationImageHeaderHash` Binary	—

Event ID 2 —

Provider: Microsoft-Windows-AIT
Channel: Operational
Task: AitParentAitFeature

Fields #

Name	Description
`cchParentImagePathIncludingNull` UInt16	—
`FeatureGuid` GUID	—
`ParentProcessImageHeaderHash` Binary	—
`ParentImagePath` UnicodeString	—

Event ID 3 —

Provider: Microsoft-Windows-AIT
Channel: Operational
Task: AitAppInfo

Fields #

Name	Description
`cchAppPathIncludingNull` UInt16	—
`ApplicationImageHeaderHash` Binary	—
`AppPath` UnicodeString	—

Event ID 4 —

Provider: Microsoft-Windows-AIT
Channel: Operational
Task: AitSystemUsageByDll

Fields #

Name	Description
`Flags` Binary	—
`cchIdStringIncludingNull` UInt16	—
`cchDllPathIncludingNull` UInt16	—
`Category` UInt32	—
`ManifestVersion` UInt32	—
`DllHeaderHash` Binary	—
`ApplicationImageHeaderHash` Binary	—
`IdString` AnsiString	—
`DllPath` UnicodeString	—

Event ID 5 —

Provider: Microsoft-Windows-AIT
Channel: Operational
Task: AitSystemUsageByExe

Fields #

Name	Description
`Flags` Binary	—
`cchIdStringIncludingNull` UInt16	—
`Category` UInt32	—
`ManifestVersion` UInt32	—
`ApplicationImageHeaderHash` Binary	—
`IdString` AnsiString	—

Event ID 6 —

Provider: Microsoft-Windows-AIT
Channel: Operational
Task: AitProcessEnd

Event ID 7 —

Provider: Microsoft-Windows-AIT
Channel: Operational
Task: KitFeature

Fields #

Name	Description
`FeatureGuid` GUID	—
`CallerIdType` UInt32	—
`cchImagePath` UInt16	—
`ImagePath` UnicodeString	—