Microsoft-Windows-DesktopActivityModerator

21 events across 1 channel

Event ID	Title	Channel
1		Diagnostic
4		Diagnostic
9		Diagnostic
11		Diagnostic
19		Diagnostic
21		Diagnostic
22		Diagnostic
23		Diagnostic
24		Diagnostic
25		Diagnostic
26		Diagnostic
31		Diagnostic
32		Diagnostic
41		Diagnostic
42		Diagnostic
51		Diagnostic
52		Diagnostic
53		Diagnostic
54		Diagnostic
60		Diagnostic
61		Diagnostic

Event ID 1 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: StartDriver
Opcode: Start

Event ID 4 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: StartDriver

Event ID 9 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: StartDriver
Opcode: Stop

Fields #

Name	Description
`NTSTATUS` UInt32	—

Event ID 11 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: StopDriver
Opcode: Start

Event ID 19 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: StopDriver
Opcode: Stop

Event ID 21 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: SuspendResume
Opcode: Start

Fields #

Name	Description
`SuspendFlag` Boolean	—

Event ID 22 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: SuspendResume
Opcode: Stop

Fields #

Name	Description
`SuspendFlag` Boolean	—

Event ID 23 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: Throttle
Opcode: Start

Fields #

Name	Description
`SuspendFlag` Boolean	—

Event ID 24 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: Throttle
Opcode: Stop

Fields #

Name	Description
`SuspendFlag` Boolean	—

Event ID 25 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: ResiliencyEngage
Opcode: Start

Fields #

Name	Description
`ActiveFlag` Boolean	—

Event ID 26 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: ResiliencyEngage
Opcode: Stop

Fields #

Name	Description
`ActiveFlag` Boolean	—

Event ID 31 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: ProcessActivity
Opcode: Start

Fields #

Name	Description
`ProcessId` UInt32	—
`SessionId` UInt32	—
`ImageFileNameLength` UInt16	—
`ImageFileName` UnicodeString	—
`CommandLineLength` UInt16	—
`CommandLine` UnicodeString	—

Event ID 32 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: ProcessActivity
Opcode: Stop

Fields #

Name	Description
`ProcessId` UInt32	—
`SessionId` UInt32	—

Event ID 41 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: ProcessExempt

Fields #

Name	Description
`ProcessId` UInt32	—
`SessionId` UInt32	—
`ExemptGroup` UInt32	—
`RegisterAtLaunch` Boolean	—

Event ID 42 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: PolicyReload

Fields #

Name	Description
`PolicyRecords` UInt32	—

Event ID 51 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: PdcCallback

Fields #

Name	Description
`State` UInt32	—
`NTSTATUS` UInt32	—
`WorkItemQueued` Boolean	—

Event ID 52 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: PdcCallback

Fields #

Name	Description
`ClientState` UInt32	—

Event ID 53 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: PdcCallback

Fields #

Name	Description
`Flags` UInt32	—

Event ID 54 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: PdcAcknowledge

Event ID 60 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: IoTrackingPerfTrack
Opcode: Info

Fields #

Name	Description
`DeviceBucket` UInt32	—
`ElapsedTimeMs` UInt32	—
`FastIoCount` UInt32	—
`SlowIoCount` UInt32	—

Event ID 61 —

Provider: Microsoft-Windows-DesktopActivityModerator
Channel: Diagnostic
Task: IoTrackingCallback
Opcode: Info

Fields #

Name	Description
`DeviceType` UInt16	—
`DeviceBucket` UInt32	—
`ElapsedTime` UInt64	—
`SlowIo` Boolean	—