Microsoft-Windows-AppReadiness

174 events across 3 channels

Event ID	Title	Channel
10	The Appx operation '.	Admin
11	A exception was caught.	Operational
12	The Appx preview tile generation failed for user '.	Admin
100	App Readiness service has started.	Admin
101	App Readiness service has stopped.	Admin
102		Debug
103		Operational
104	App Readiness status changed to '.	Debug
105	Checking for service idle.	Operational
106	'.	Operational
107	'.	Operational
108		Operational
109	App Readiness service has been notified of new apps.	Admin
110	App Readiness service has leaked %1 references.	Operational
111	App Readiness service failed to DisconnectAll COM Disconnectable Objects.	Admin
200	Started processing tasks for '.	Debug
201	Finished processing tasks for '.	Debug
205	Loaded queue for '.	Debug
206	'.	Debug
207	'.	Debug
209	For '.	Admin
210	App Readiness service has found new tasks for %1.	Admin
211	App Readiness service has completed tasks for %1.	Admin
212	%2 pre-installed apps found for %1.	Debug
213	'.	Admin
214	'.	Admin
215	'.	Admin
216	Activity for '.	Admin
217	Activity for '.	Operational
218	'.	Admin
219	%2 pre-installed apps found for %1.	Operational
220	'.	Admin
221	Task '.	Operational
222	'.	Operational
223	Shutdown for '.	Debug
224	Shutdown for '.	Debug
225	Canceling '.	Admin
226	During shutdown '.	Operational
227	'.	Debug
228	'.	Debug
229	'.	Debug
230	App Readiness service has completed all tasks for user.	Debug
231	FWOpenPolicyStore starts.	Debug
232	FWOpenPolicyStore returns %1.	Admin
233	FWClosePolicyStore starts.	Debug
234	FWClosePolicyStore returns %1.	Admin
235	OnDemandRegisterAsync starts.	Debug
236	OnDemandRegisterAsync returns %1.	Admin
237	OnDemandRegisterWaitForCompletion starts.	Debug
238	OnDemandRegisterWaitForCompletion returns %1.	Admin
239	OnDemandRegister returns error %1.	Admin
240	Task '.	Admin
241	Task '.	Admin
300	Started '.	Debug
301	Finished '.	Debug
302	Started group '.	Debug
303	Finished group '.	Debug
304	During execution of '.	Debug
305	Package '.	Debug
306	For '.	Operational
307	Finished activation of '.	Operational
308	Preview tile creation failed '.	Admin
309	Starting registry flush for '.	Operational
310	Finished registry flush for '.	Operational
311	Failed to flush registry key '.	Admin
312	Successfully created %3 preview tiles for %1.	Operational
313	'.	Operational
314	'.	Debug
315	'.	Operational
316	Installing '.	Admin
317	Starting pre-registration of '.	Debug
318	Completed pre-registration of '.	Debug
319	Pre-registration for '.	Admin
320	Failed to flush registry key '.	Admin
321	OnDemandRegisterAsync starts.	Debug
322	OnDemandRegisterAsync returns %1.	Admin
323	OnDemandRegisterWaitForCompletion starts.	Debug
324	OnDemandRegisterWaitForCompletion returns %1.	Admin
325	OnDemandRegister returns error %1.	Admin
326	OnDemandRegisterAsync starts.	Debug
327	OnDemandRegisterAsync returns %1.	Admin
328	OnDemandRegisterWaitForCompletion starts.	Debug
329	OnDemandRegisterWaitForCompletion returns %1.	Admin
330	OnDemandRegister returns error %1.	Admin
331	Importing package status for user %1 completed with hr=%2.	Admin
332	Task '.	Admin
1001	API Enter for '.	Operational
1002	API Exit for '.	Operational
1003	API Enter for '.	Operational
1004	API Exit for '.	Operational
1005	API Enter for '.	Operational
1006	API Exit for '.	Operational
1009	API Enter for '.	Operational
1010	API Exit for '.	Operational
1013	API Enter for '.	Operational
1014	API Exit for '.	Operational
1015	API Enter for '.	Operational
1016	API Exit for '.	Operational
1017	API Enter for '.	Operational
1018	API Exit for '.	Operational
1019	API Enter for '.	Operational
1020	API Exit for '.	Operational
1021	DisableInAuditMode registry value set to block API calls while in audit mode …	Admin
2000		Debug
2001		Debug
2002		Debug
2003		Debug
2005		Debug
2006		Debug
2007		Debug
2008		Debug
2009		Debug
2010		Debug
2500		Debug
2501		Debug
2502		Debug
2503		Debug
2504		Operational
3000		Debug
3001		Debug
4000		Operational
4001		Operational
5000		Debug
5001		Debug
5002		Debug
5003		Debug
5004		Debug
5005		Debug
5006		Debug
5007		Debug
5008		Debug
5009		Debug
5010		Debug
5011		Debug
5012		Debug
5013		Debug
5014		Debug
5015		Debug
5016		Debug
5017		Debug
5018		Debug
5019		Debug
5020		Debug
5021		Debug
5022		Debug
5023		Debug
5024		Debug
5025		Debug
5026		Debug
5027		Debug
5028		Debug
5029		Debug
5030		Debug
5031		Debug
5032		Debug
5033		Debug
5034		Debug
5035		Debug
5036		Debug
5037		Debug
5038		Debug
5039		Debug
5040		Debug
5041		Debug
5042		Debug
5043		Debug
5044	%1 : failed determine if tiles are missing.	Admin
5045	%1 : failed to repair missing tiles.	Admin
5046	%1 : missing tiles detected.	Admin
5047	%1 : missing tiles repaired.	Admin
5048		Debug
5049		Debug
5050		Debug
5051		Debug

Event ID 10 — The Appx operation '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 2
Samples: 1

Message

The Appx operation '%2' on '%3' failed for user '%1' - %5. (Error: %4)

Fields

Name	Description
`User`	—
`Operation`	—
`PackageId`	—
`Result`	5. (Error.
`Error`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 10
  version: 0
  level: 2
  task: 6
  opcode: 0
  keywords: 9223372036854775936
  time_created: '2023-11-05T22:29:17.204020+00:00'
  event_record_id: 445
  correlation:
    ActivityID: 59A0D65F-1037-0001-E4F0-A0593710DA01
  execution:
    process_id: 5660
    thread_id: 5712
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data:
  User: S-1-5-21-1992711665-1655669231-58201500-1000
  Operation: RegisterPackageAsync
  PackageId: Microsoft.VCLibs.140.00_14.0.30704.0_x64__8wekyb3d8bbwe
  Result: -2147009274
  Error: Windows cannot install package Microsoft.VCLibs.140.00_14.0.30704.0_x64__8wekyb3d8bbwe
    because it has version 14.0.30704.0. A higher version 14.0.32530.0 of this package
    is already installed.
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 11 — A exception was caught.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational
Level: 3
Samples: 1

Message

A exception was caught: %1.

Fields

Name	Description
`Error`	A exception was caught.
`Expression`	—
`Function`	—
`File`	—
`Line`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 11
  version: 0
  level: 3
  task: 6
  opcode: 0
  keywords: 4611686018427388032
  time_created: '2023-11-05T22:33:30.809965+00:00'
  event_record_id: 23
  correlation:
    ActivityID: E4DB489E-1037-0002-3975-DBE43710DA01
  execution:
    process_id: 4952
    thread_id: 7936
  channel: Microsoft-Windows-AppReadiness/Operational
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data:
  Error: "2\0\a�"
  Expression: result
  Function: AppReadiness::Tasks::RegisterPackage::OnExecute
  File: onecoreuap\shell\appreadiness\src\tasks\registerpackage.cpp
  Line: "\x1A\x01"
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 12 — The Appx preview tile generation failed for user '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

The Appx preview tile generation failed for user '%1': %2. (Result: %3)

Fields

Name	Description
`User`	—
`Error`	—
`Result`	—

Event ID 100 — App Readiness service has started.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

App Readiness service has started.

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 100
  version: 0
  level: 4
  task: 13
  opcode: 1
  keywords: 9223372036854775809
  time_created: '2023-10-26T04:21:52.496522+00:00'
  event_record_id: 10
  correlation: {}
  execution:
    process_id: 1844
    thread_id: 1960
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDevEval
  security:
    user_id: S-1-5-18
event_data: {}
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 101 — App Readiness service has stopped.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

App Readiness service has stopped.

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 101
  version: 0
  level: 4
  task: 13
  opcode: 2
  keywords: 9223372036854775809
  time_created: '2023-10-26T04:20:51.148587+00:00'
  event_record_id: 9
  correlation: {}
  execution:
    process_id: 2956
    thread_id: 788
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WIN-OQ6R0RVA4NF
  security:
    user_id: S-1-5-18
event_data: {}
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 102 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Event ID 103 —

Provider: Microsoft-Windows-AppReadiness
Channel: Operational
Level: 4
Samples: 1

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 103
  version: 0
  level: 4
  task: 14
  opcode: 2
  keywords: 4611686018427387905
  time_created: '2023-11-05T23:51:40.799865+00:00'
  event_record_id: 31
  correlation: {}
  execution:
    process_id: 10560
    thread_id: 3968
  channel: Microsoft-Windows-AppReadiness/Operational
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data: {}
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 104 — App Readiness status changed to '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

App Readiness status changed to '%1' (ExitCode: %2)

Fields

Name	Description
`Status`	—
`ExitCode`	—

Event ID 105 — Checking for service idle.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational
Level: 4
Samples: 1

Message

Checking for service idle. (Result=%1, Reason=%2)

Fields

Name	Description
`IsIdle`	—
`Reason`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 105
  version: 0
  level: 4
  task: 7
  opcode: 0
  keywords: 4611686018427387905
  time_created: '2023-11-05T23:51:40.726163+00:00'
  event_record_id: 30
  correlation: {}
  execution:
    process_id: 10560
    thread_id: 3968
  channel: Microsoft-Windows-AppReadiness/Operational
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data:
  IsIdle: true
  Reason: None
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 106 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational
Level: 4
Samples: 1

Message

'%1' has logged on.

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 106
  version: 0
  level: 4
  task: 7
  opcode: 0
  keywords: 4611686018427387905
  time_created: '2023-10-25T21:23:46.541840+00:00'
  event_record_id: 3
  correlation: {}
  execution:
    process_id: 1844
    thread_id: 1848
  channel: Microsoft-Windows-AppReadiness/Operational
  computer: WinDevEval
  security:
    user_id: S-1-5-18
event_data:
  Data:
    Name: User
    Value: S-1-5-21-2533829718-189860685-2477588761-500
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 107 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational
Level: 4
Samples: 1

Message

'%1' has logged off.

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 107
  version: 0
  level: 4
  task: 7
  opcode: 0
  keywords: 4611686018427387905
  time_created: '2023-11-05T22:31:33.744555+00:00'
  event_record_id: 20
  correlation: {}
  execution:
    process_id: 5660
    thread_id: 5664
  channel: Microsoft-Windows-AppReadiness/Operational
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data:
  Data:
    Name: User
    Value: S-1-5-21-1992711665-1655669231-58201500-1000
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 108 —

Provider: Microsoft-Windows-AppReadiness
Channel: Operational
Level: 4
Samples: 1

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 108
  version: 0
  level: 4
  task: 17
  opcode: 1
  keywords: 4611686018427387905
  time_created: '2023-11-05T23:49:11.255658+00:00'
  event_record_id: 29
  correlation: {}
  execution:
    process_id: 10560
    thread_id: 5420
  channel: Microsoft-Windows-AppReadiness/Operational
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data:
  Data:
    Name: Source
    Value: 2
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 109 — App Readiness service has been notified of new apps.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

App Readiness service has been notified of new apps. (Source: %1, Error: %2)

Fields

Name	Description
`Source`	App Readiness service has been notified of new apps. (Source.
`Result`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 109
  version: 0
  level: 4
  task: 17
  opcode: 2
  keywords: 9223372036854775809
  time_created: '2023-10-26T04:18:47.728320+00:00'
  event_record_id: 4
  correlation: {}
  execution:
    process_id: 2956
    thread_id: 1308
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WIN-OQ6R0RVA4NF
  security:
    user_id: S-1-5-18
event_data:
  Source: 2
  Result: ''
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 110 — App Readiness service has leaked %1 references.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

App Readiness service has leaked %1 references. This could delay the system shutdown by %2 milliseconds.

Fields

Name	Description
`ReferencesLeaked`	—
`ShutdownDelayMsec`	—

Event ID 111 — App Readiness service failed to DisconnectAll COM Disconnectable Objects.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

App Readiness service failed to DisconnectAll COM Disconnectable Objects. (Result: %1)

Fields

Name	Description
`Result`	—

Event ID 200 — Started processing tasks for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Started processing tasks for '%1'.

Fields

Name	Description
`User`	—

Event ID 201 — Finished processing tasks for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Finished processing tasks for '%1'.

Fields

Name	Description
`User`	—

Event ID 205 — Loaded queue for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Loaded queue for '%1' with %2 items.

Fields

Name	Description
`User`	—
`NumPackages`	—
`PackageInfo`	—

Event ID 206 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

'%2' started for %1. (Priority: %3)

Fields

Name	Description
`User`	—
`TaskId`	—
`Priority`	—

Event ID 207 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

'%2' finished for %1. (Result: %3)

Fields

Name	Description
`User`	—
`TaskId`	—
`Result`	—

Event ID 209 — For '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

For '%1' has changed mode from '%2' to '%3'

Fields

Name	Description
`User`	—
`From`	—
`To`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 209
  version: 0
  level: 4
  task: 1
  opcode: 0
  keywords: 9223372036854775810
  time_created: '2023-10-26T04:20:51.133929+00:00'
  event_record_id: 8
  correlation: {}
  execution:
    process_id: 2956
    thread_id: 788
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WIN-OQ6R0RVA4NF
  security:
    user_id: S-1-5-18
event_data:
  User: S-1-5-18
  From: 2
  To: 3
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 210 — App Readiness service has found new tasks for %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

App Readiness service has found new tasks for %1.

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 210
  version: 0
  level: 4
  task: 1
  opcode: 0
  keywords: 9223372036854775810
  time_created: '2023-10-25T21:40:47.762141+00:00'
  event_record_id: 325
  correlation: {}
  execution:
    process_id: 5240
    thread_id: 5296
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDevEval
  security:
    user_id: S-1-5-18
event_data:
  Data:
    Name: User
    Value: S-1-5-21-2533829718-189860685-2477588761-500
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 211 — App Readiness service has completed tasks for %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

App Readiness service has completed tasks for %1.

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 211
  version: 0
  level: 4
  task: 1
  opcode: 0
  keywords: 9223372036854775810
  time_created: '2023-10-26T04:18:47.728560+00:00'
  event_record_id: 7
  correlation: {}
  execution:
    process_id: 2956
    thread_id: 700
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WIN-OQ6R0RVA4NF
  security:
    user_id: S-1-5-18
event_data:
  Data:
    Name: User
    Value: S-1-5-18
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 212 — %2 pre-installed apps found for %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

%2 pre-installed apps found for %1

Fields

Name	Description
`SID`	—
`NumPackages`	—
`PackageFamilyName`	—

Event ID 213 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

'%2' %3 succeeded for %1. (%4 seconds)

Fields

Name	Description
`Username`	—
`Package`	—
`Operation`	—
`Elapsed`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 213
  version: 0
  level: 4
  task: 1
  opcode: 0
  keywords: 9223372036854775810
  time_created: '2023-10-25T21:40:47.742338+00:00'
  event_record_id: 323
  correlation: {}
  execution:
    process_id: 5240
    thread_id: 5296
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDevEval
  security:
    user_id: S-1-5-18
event_data:
  Username: S-1-5-21-2533829718-189860685-2477588761-500
  Package: CanonicalGroupLimited.UbuntuonWindows_79rhkp1fndgsc
  Operation: 1
  Elapsed: f���f��?
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 214 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 2
Samples: 1

Message

'%2' %3 failed for %1. Error: '%4' (%5 seconds)

Fields

Name	Description
`User`	—
`Package`	—
`Operation`	—
`Error`	—
`Elapsed`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 214
  version: 0
  level: 2
  task: 1
  opcode: 0
  keywords: 9223372036854775810
  time_created: '2023-11-05T22:33:30.819207+00:00'
  event_record_id: 604
  correlation: {}
  execution:
    process_id: 4952
    thread_id: 2436
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data:
  User: S-1-5-21-1992711665-1655669231-58201500-1000
  Package: Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe
  Operation: 1
  Error: -2147024846
  Elapsed: '0.2400311'
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 215 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

'%2' failed for %1. Error: '%3' (%4 seconds)

Fields

Name	Description
`Username`	—
`Task`	—
`Error`	—
`Elapsed`	—

Event ID 216 — Activity for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

Activity for '%1' has been suspended and will resume at %2.

Fields

Name	Description
`User`	—
`ResumeAt`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 216
  version: 0
  level: 4
  task: 1
  opcode: 0
  keywords: 9223372036854775810
  time_created: '2023-10-25T21:39:08.142987+00:00'
  event_record_id: 207
  correlation: {}
  execution:
    process_id: 5240
    thread_id: 5308
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDevEval
  security:
    user_id: S-1-5-18
event_data:
  User: S-1-5-21-2533829718-189860685-2477588761-500
  ResumeAt: 1698244778.141
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 217 — Activity for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational
Level: 4
Samples: 1

Message

Activity for '%1' has resumed.

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 217
  version: 0
  level: 4
  task: 1
  opcode: 0
  keywords: 4611686018427387906
  time_created: '2023-11-05T22:33:01.409803+00:00'
  event_record_id: 22
  correlation: {}
  execution:
    process_id: 4952
    thread_id: 5104
  channel: Microsoft-Windows-AppReadiness/Operational
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data:
  Data:
    Name: User
    Value: S-1-5-21-1992711665-1655669231-58201500-1000
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 218 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

'%2' %3 failed for %1 and will be attempted after %5.

Fields

Name	Description
`User`	—
`Package`	—
`Operation`	—
`Error`	—
`AttemptAfter`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 218
  version: 0
  level: 4
  task: 1
  opcode: 0
  keywords: 9223372036854775810
  time_created: '2023-11-05T22:33:30.819200+00:00'
  event_record_id: 602
  correlation: {}
  execution:
    process_id: 4952
    thread_id: 2436
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data:
  User: S-1-5-21-1992711665-1655669231-58201500-1000
  Package: Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe
  Operation: 1
  Error: -2147024846
  AttemptAfter: '2023-11-05T22:38:30.805815Z'
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 219 — %2 pre-installed apps found for %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

%2 pre-installed apps found for %1

Fields

Name	Description
`SID`	—
`NumPackages`	—
`PackageFamilyName`	—

Event ID 220 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

'%2' succeeded for %1. (%3 seconds)

Fields

Name	Description
`Username`	—
`Task`	—
`Elapsed`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 220
  version: 0
  level: 4
  task: 1
  opcode: 0
  keywords: 9223372036854775810
  time_created: '2023-10-26T04:22:06.119006+00:00'
  event_record_id: 13
  correlation: {}
  execution:
    process_id: 1844
    thread_id: 2164
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDevEval
  security:
    user_id: S-1-5-18
event_data:
  Username: S-1-5-18
  Task: ART:AppxPreRegistration
  Elapsed: "�/E^{\x13\x14@"
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 221 — Task '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

Task '%2' created for %1.

Fields

Name	Description
`Username`	—
`Task`	—

Event ID 222 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

'%2' was removed (Canceled: %4) for '%1' due to new opposing task of type %3.

Fields

Name	Description
`User`	—
`TaskId`	—
`OpposingOperation`	—
`TaskCanceled`	—

Event ID 223 — Shutdown for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Shutdown for '%1' has started.

Fields

Name	Description
`User`	—

Event ID 224 — Shutdown for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Shutdown for '%1' has completed.

Fields

Name	Description
`User`	—

Event ID 225 — Canceling '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

Canceling '%2' for '%1' due to shutdown.

Fields

Name	Description
`Username`	—
`Task`	—

Event ID 226 — During shutdown '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

During shutdown '%1' is waiting for tasks to complete.

Fields

Name	Description
`User`	—

Event ID 227 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

'%2' was selected as the next task for %1. (Priority=%3)

Fields

Name	Description
`User`	—
`TaskId`	—
`Priority`	—

Event ID 228 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

'%1' succeeded. (%2 seconds)

Fields

Name	Description
`Task`	—
`Elapsed`	—

Event ID 229 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

'%1' was selected as the next task. (Priority=%2)

Fields

Name	Description
`TaskId`	—
`Priority`	—

Event ID 230 — App Readiness service has completed all tasks for user.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

App Readiness service has completed all tasks for user.

Event ID 231 — FWOpenPolicyStore starts.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

FWOpenPolicyStore starts.

Event ID 232 — FWOpenPolicyStore returns %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

FWOpenPolicyStore returns %1.

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 232
  version: 0
  level: 4
  task: 1
  opcode: 2
  keywords: 9223372036854775810
  time_created: '2023-10-25T21:39:04.309206+00:00'
  event_record_id: 148
  correlation: {}
  execution:
    process_id: 5240
    thread_id: 5308
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDevEval
  security:
    user_id: S-1-5-18
event_data:
  Data:
    Name: ExitCode
    Value: 0
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 233 — FWClosePolicyStore starts.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

FWClosePolicyStore starts.

Event ID 234 — FWClosePolicyStore returns %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

FWClosePolicyStore returns %1.

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 234
  version: 0
  level: 4
  task: 1
  opcode: 2
  keywords: 9223372036854775810
  time_created: '2023-10-25T21:39:15.324728+00:00'
  event_record_id: 213
  correlation: {}
  execution:
    process_id: 5240
    thread_id: 5308
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDevEval
  security:
    user_id: S-1-5-18
event_data:
  Data:
    Name: ExitCode
    Value: 0
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 235 — OnDemandRegisterAsync starts.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

OnDemandRegisterAsync starts.

Event ID 236 — OnDemandRegisterAsync returns %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

OnDemandRegisterAsync returns %1.

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 236
  version: 0
  level: 4
  task: 1
  opcode: 2
  keywords: 9223372036854775812
  time_created: '2023-10-25T21:39:06.662792+00:00'
  event_record_id: 149
  correlation:
    ActivityID: 8865F308-078B-0002-72FE-65888B07DA01
  execution:
    process_id: 5240
    thread_id: 5296
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDevEval
  security:
    user_id: S-1-5-21-2533829718-189860685-2477588761-500
event_data:
  Data:
    Name: ExitCode
    Value: 0
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 237 — OnDemandRegisterWaitForCompletion starts.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

OnDemandRegisterWaitForCompletion starts.

Event ID 238 — OnDemandRegisterWaitForCompletion returns %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

OnDemandRegisterWaitForCompletion returns %1.

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 238
  version: 0
  level: 4
  task: 1
  opcode: 2
  keywords: 9223372036854775812
  time_created: '2023-10-25T21:39:08.044160+00:00'
  event_record_id: 150
  correlation:
    ActivityID: 8865F308-078B-0002-72FE-65888B07DA01
  execution:
    process_id: 5240
    thread_id: 5296
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDevEval
  security:
    user_id: S-1-5-21-2533829718-189860685-2477588761-500
event_data:
  Data:
    Name: ExitCode
    Value: 0
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 239 — OnDemandRegister returns error %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

OnDemandRegister returns error %1.

Fields

Name	Description
`ExitCode`	—

Event ID 240 — Task '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

Task '%2' is added for %1, tasks: %3

Fields

Name	Description
`User`	—
`TaskId`	—
`TaskCount`	1, tasks.

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 240
  version: 0
  level: 4
  task: 1
  opcode: 0
  keywords: 9223372036854775812
  time_created: '2023-10-26T04:21:59.768043+00:00'
  event_record_id: 11
  correlation: {}
  execution:
    process_id: 1844
    thread_id: 2072
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDevEval
  security:
    user_id: S-1-5-18
event_data:
  User: S-1-5-18
  TaskId: ART:AppxPreRegistration
  TaskCount: 1
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 241 — Task '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

Task '%2' is removed for %1, tasks: %3

Fields

Name	Description
`User`	—
`TaskId`	—
`TaskCount`	1, tasks.

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 241
  version: 0
  level: 4
  task: 1
  opcode: 0
  keywords: 9223372036854775812
  time_created: '2023-10-26T04:22:06.119005+00:00'
  event_record_id: 12
  correlation: {}
  execution:
    process_id: 1844
    thread_id: 2164
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDevEval
  security:
    user_id: S-1-5-18
event_data:
  User: S-1-5-18
  TaskId: ART:AppxPreRegistration
  TaskCount: 0
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 300 — Started '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Started '%2' for '%1'

Fields

Name	Description
`User`	—
`TaskId`	—

Event ID 301 — Finished '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Finished '%2' for '%1' lasted %4 seconds. (%3)

Fields

Name	Description
`User`	—
`TaskId`	—
`Result`	—
`Duration`	—

Event ID 302 — Started group '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Started group '%2' for '%1'

Fields

Name	Description
`User`	—
`GroupId`	—

Event ID 303 — Finished group '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Finished group '%2' for '%1' lasted %4 seconds. (%3)

Fields

Name	Description
`User`	—
`GroupId`	—
`Result`	—
`Duration`	—

Event ID 304 — During execution of '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

During execution of '%2' for '%1' task '%3' failed. (Error: %4)

Fields

Name	Description
`User`	—
`GroupId`	—
`TaskId`	—
`Result`	—

Event ID 305 — Package '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Package '%2' was removed from '%1' first login group. (Reason: %3)

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Reason`	—

Event ID 306 — For '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

For '%1' task '%2' was canceled.

Fields

Name	Description
`User`	—
`TaskId`	—

Event ID 307 — Finished activation of '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

Finished activation of '%2' for '%1'. (Result: %3)

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Reason`	—

Event ID 308 — Preview tile creation failed '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

Preview tile creation failed '%2' for %1. (Source: %3, Error: %4)

Fields

Name	Description
`Error`	—
`User`	—
`PackageFamilyName`	—
`Source`	—
`Result`	—

Event ID 309 — Starting registry flush for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational
Level: 4
Samples: 1

Message

Starting registry flush for '%1'.

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 309
  version: 0
  level: 4
  task: 2
  opcode: 1
  keywords: 4611686018427387908
  time_created: '2023-11-05T22:29:25.993515+00:00'
  event_record_id: 17
  correlation: {}
  execution:
    process_id: 5660
    thread_id: 5744
  channel: Microsoft-Windows-AppReadiness/Operational
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data:
  Data:
    Name: User
    Value: S-1-5-21-1992711665-1655669231-58201500-1000
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 310 — Finished registry flush for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational
Level: 4
Samples: 1

Message

Finished registry flush for '%1'.

Fields

Name	Description
`Data`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 310
  version: 0
  level: 4
  task: 2
  opcode: 2
  keywords: 4611686018427387908
  time_created: '2023-11-05T22:29:26.031718+00:00'
  event_record_id: 18
  correlation: {}
  execution:
    process_id: 5660
    thread_id: 5744
  channel: Microsoft-Windows-AppReadiness/Operational
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data:
  Data:
    Name: User
    Value: S-1-5-21-1992711665-1655669231-58201500-1000
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 311 — Failed to flush registry key '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

Failed to flush registry key '%2' for '%1'. (Error: %3)

Fields

Name	Description
`User`	—
`Key`	—
`Result`	—

Event ID 312 — Successfully created %3 preview tiles for %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

Successfully created %3 preview tiles for %1. (Source: %2)

Fields

Name	Description
`User`	—
`Source`	—
`NumPackages`	—
`PackageFamilyName`	—

Event ID 313 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

'%2' is canceling '%3' for '%1' as a result of cancel.

Fields

Name	Description
`User`	—
`Group`	—
`Task`	—

Event ID 314 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

'%2' has selected '%3' for '%1' for the next task.

Fields

Name	Description
`User`	—
`Group`	—
`Task`	—

Event ID 315 — '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

'%2' was removed from '%1' first login group. (Reason: %3)

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Reason`	—

Event ID 316 — Installing '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

Installing '%2' for '%1' has hit the in-activity timeout

Fields

Name	Description
`User`	—
`PackageFamilyName`	—

Event ID 317 — Starting pre-registration of '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Starting pre-registration of '%1'

Fields

Name	Description
`PackageId`	—

Event ID 318 — Completed pre-registration of '.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

Completed pre-registration of '%1'

Fields

Name	Description
`PackageId`	—

Event ID 319 — Pre-registration for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 2
Samples: 1

Message

Pre-registration for '%1' failed. (Error: %2)

Fields

Name	Description
`PackageId`	—
`Result`	1' failed. (Error.

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 319
  version: 0
  level: 2
  task: 23
  opcode: 0
  keywords: 9223372036854775812
  time_created: '2023-11-05T22:33:30.809891+00:00'
  event_record_id: 601
  correlation:
    ActivityID: E4DB489E-1037-0002-3975-DBE43710DA01
  execution:
    process_id: 4952
    thread_id: 7936
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WinDev2310Eval
  security:
    user_id: S-1-5-18
event_data:
  PackageId: Microsoft.MicrosoftEdge.Stable_118.0.2088.61_neutral__8wekyb3d8bbwe
  Result: -2147024846
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 320 — Failed to flush registry key '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

Failed to flush registry key '%1'. (Error: %2)

Fields

Name	Description
`Key`	—
`Result`	—

Event ID 321 — OnDemandRegisterAsync starts.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

OnDemandRegisterAsync starts.

Event ID 322 — OnDemandRegisterAsync returns %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

OnDemandRegisterAsync returns %1.

Fields

Name	Description
`ExitCode`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 322
  version: 0
  level: 4
  task: 2
  opcode: 2
  keywords: 9223372036854775812
  time_created: '2022-04-07T16:48:31.584808+00:00'
  event_record_id: 69
  correlation:
    ActivityID: DD7B0B6A-4A9E-0000-8126-7BDD9E4AD801
  execution:
    process_id: 2304
    thread_id: 4244
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WIN-FPV0DSIC9O6
  security:
    user_id: S-1-5-21-2121334350-1110938707-2888912545-500
event_data:
  ExitCode: '0x0'
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 323 — OnDemandRegisterWaitForCompletion starts.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

OnDemandRegisterWaitForCompletion starts.

Event ID 324 — OnDemandRegisterWaitForCompletion returns %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin
Level: 4
Samples: 1

Message

OnDemandRegisterWaitForCompletion returns %1.

Fields

Name	Description
`ExitCode`	—

Example Event

system:
  provider: Microsoft-Windows-AppReadiness
  guid: F0BE35F8-237B-4814-86B5-ADE51192E503
  event_source_name: ''
  event_id: 324
  version: 0
  level: 4
  task: 2
  opcode: 2
  keywords: 9223372036854775812
  time_created: '2022-04-07T16:48:31.708898+00:00'
  event_record_id: 70
  correlation:
    ActivityID: DD7B0B6A-4A9E-0000-8126-7BDD9E4AD801
  execution:
    process_id: 2304
    thread_id: 4244
  channel: Microsoft-Windows-AppReadiness/Admin
  computer: WIN-FPV0DSIC9O6
  security:
    user_id: S-1-5-18
event_data:
  ExitCode: '0x0'
message: ''

References

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 325 — OnDemandRegister returns error %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

OnDemandRegister returns error %1.

Fields

Name	Description
`ExitCode`	—

Event ID 326 — OnDemandRegisterAsync starts.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

OnDemandRegisterAsync starts.

Event ID 327 — OnDemandRegisterAsync returns %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

OnDemandRegisterAsync returns %1.

Fields

Name	Description
`ExitCode`	—

Event ID 328 — OnDemandRegisterWaitForCompletion starts.

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Message

OnDemandRegisterWaitForCompletion starts.

Event ID 329 — OnDemandRegisterWaitForCompletion returns %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

OnDemandRegisterWaitForCompletion returns %1.

Fields

Name	Description
`ExitCode`	—

Event ID 330 — OnDemandRegister returns error %1.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

OnDemandRegister returns error %1.

Fields

Name	Description
`ExitCode`	—

Event ID 331 — Importing package status for user %1 completed with hr=%2.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

Importing package status for user %1 completed with hr=%2. %3 values were imported. %4 values failed to be imported.

Fields

Name	Description
`userSid`	—
`Result`	—
`numImported`	—
`numFailed`	—

Event ID 332 — Task '.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

Task '%2' is performed from ARS for OneTimeRegistration on package %1

Fields

Name	Description
`PackageFullName`	—
`TaskType`	—

Event ID 1001 — API Enter for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Enter for '%1' (Process: %2)

Fields

Name	Description
`User`	—
`ProcessId`	—

Event ID 1002 — API Exit for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Exit for '%1' (Process: %2 Result: %3)

Fields

Name	Description
`Result`	1' (Process.
`User`	—
`ProcessId`	—

Event ID 1003 — API Enter for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Enter for '%1' (Process: %2)

Fields

Name	Description
`User`	—
`ProcessId`	—

Event ID 1004 — API Exit for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Exit for '%1' (Process: %2 Result: %3)

Fields

Name	Description
`Result`	1' (Process.
`User`	—
`ProcessId`	—

Event ID 1005 — API Enter for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Enter for '%1' (Process: %2)

Fields

Name	Description
`User`	—
`ProcessId`	—

Event ID 1006 — API Exit for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Exit for '%1' (Process: %2 Result: %3)

Fields

Name	Description
`Result`	1' (Process.
`User`	—
`ProcessId`	—

Event ID 1009 — API Enter for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Enter for '%1' (Process: %2)

Fields

Name	Description
`User`	—
`ProcessId`	—

Event ID 1010 — API Exit for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Exit for '%1' (Process: %2 Result: %3)

Fields

Name	Description
`Result`	1' (Process.
`User`	—
`ProcessId`	—

Event ID 1013 — API Enter for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Enter for '%1' (Process: %2)

Fields

Name	Description
`User`	—
`ProcessId`	—

Event ID 1014 — API Exit for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Exit for '%1' (Process: %2 Result: %3)

Fields

Name	Description
`Result`	1' (Process.
`User`	—
`ProcessId`	—

Event ID 1015 — API Enter for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Enter for '%1' (Process: %2)

Fields

Name	Description
`User`	—
`ProcessId`	—

Event ID 1016 — API Exit for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Exit for '%1' (Process: %2 Result: %3)

Fields

Name	Description
`Result`	1' (Process.
`User`	—
`ProcessId`	—

Event ID 1017 — API Enter for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Enter for '%1' (Process: %2)

Fields

Name	Description
`User`	—
`ProcessId`	—

Event ID 1018 — API Exit for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Exit for '%1' (Process: %2 Result: %3)

Fields

Name	Description
`Result`	1' (Process.
`User`	—
`ProcessId`	—

Event ID 1019 — API Enter for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Enter for '%1' (Process: %2)

Fields

Name	Description
`User`	—
`ProcessId`	—

Event ID 1020 — API Exit for '.

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Message

API Exit for '%1' (Process: %2 Result: %3)

Fields

Name	Description
`Result`	1' (Process.
`User`	—
`ProcessId`	—

Event ID 1021 — DisableInAuditMode registry value set to block API calls while in audit mode (audit mode: %1).

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

DisableInAuditMode registry value set to block API calls while in audit mode (audit mode: %1).

Fields

Name	Description
`IsAuditMode`	—

Event ID 2000 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`PackageFamilyName`	—

Event ID 2001 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Score`	—

Event ID 2002 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Score`	—

Event ID 2003 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Score`	—

Event ID 2005 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Score`	—

Event ID 2006 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Score`	—

Event ID 2007 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Score`	—

Event ID 2008 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Score`	—

Event ID 2009 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Score`	—

Event ID 2010 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`PackageFamilyName`	—
`Score`	—

Event ID 2500 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—

Event ID 2501 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`Result`	—

Event ID 2502 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`Package`	—
`Result`	—

Event ID 2503 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`User`	—
`Package`	—
`Result`	—

Event ID 2504 —

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Fields

Name	Description
`User`	—
`Result`	—

Event ID 3000 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`TaskId`	—

Event ID 3001 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`TaskId`	—

Event ID 4000 —

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Fields

Name	Description
`User`	—
`Result`	—

Event ID 4001 —

Provider: Microsoft-Windows-AppReadiness
Channel: Operational

Fields

Name	Description
`User`	—
`Result`	—

Event ID 5000 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5001 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5002 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5003 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5004 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5005 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5006 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5007 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5008 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5009 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5010 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5011 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5012 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5013 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5014 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5015 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5016 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5017 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5018 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5019 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5020 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5021 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5022 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5023 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5024 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5025 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5026 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5027 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5028 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5029 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5030 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5031 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5032 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5033 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5034 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5035 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5036 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5037 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5038 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5039 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5040 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5041 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5042 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5043 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5044 — %1 : failed determine if tiles are missing.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

%1 : failed determine if tiles are missing. error=%2

Fields

Name	Description
`User`	—
`Result`	—

Event ID 5045 — %1 : failed to repair missing tiles.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

%1 : failed to repair missing tiles. error=%2

Fields

Name	Description
`User`	—
`Result`	—

Event ID 5046 — %1 : missing tiles detected.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

%1 : missing tiles detected.

Fields

Name	Description
`User`	—

Event ID 5047 — %1 : missing tiles repaired.

Provider: Microsoft-Windows-AppReadiness
Channel: Admin

Message

%1 : missing tiles repaired.

Fields

Name	Description
`User`	—

Event ID 5048 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5049 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5050 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—

Event ID 5051 —

Provider: Microsoft-Windows-AppReadiness
Channel: Debug

Fields

Name	Description
`UserId`	—
`PackageFamilyName`	—
`ActivityId`	—