Event ID 100 — Diagnostic module DiagnosticModuleId (DiagnosticModuleImageName) detected a problem for scenario ScenarioId, instance InstanceId, original activity ID OriginalActivityId.

Provider: Microsoft-Windows-Diagnosis-DPS
Channel: Operational
Level: Informational
Task: ScenarioLifecycle
Opcode: Adiagnosticmoduledetectedaproblem

Description

Diagnostic module DiagnosticModuleId (DiagnosticModuleImageName) detected a problem for scenario ScenarioId, instance InstanceId, original activity ID OriginalActivityId.

Message #

Diagnostic module %5 (%4) detected a problem for scenario %1, instance %2, original activity ID %3.

Fields #

Name	Description
`ScenarioId` GUID	—
`InstanceId` GUID	—
`OriginalActivityId` GUID	—
`DiagnosticModuleImageName` UnicodeString	—
`DiagnosticModuleId` GUID	—

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Diagnosis-DPS",
    "guid": "6BBA3851-2C7E-4DEA-8F54-31E5AFD029E3",
    "event_source_name": "",
    "event_id": 100,
    "version": 0,
    "level": 4,
    "task": 1,
    "opcode": 12,
    "keywords": 4611686052787126272,
    "time_created": "2023-11-06T06:25:44.322448+00:00",
    "event_record_id": 41,
    "correlation": {
      "ActivityID": "208FDFDB-A4DB-420F-A514-9C4315A6B7D9"
    },
    "execution": {
      "process_id": 3724,
      "thread_id": 4228
    },
    "channel": "Microsoft-Windows-Diagnosis-DPS/Operational",
    "computer": "WinDev2310Eval",
    "security": {
      "user_id": "S-1-5-19"
    }
  },
  "event_data": {
    "ScenarioId": "2698178D-FDAD-40AE-9D3C-1371703ADC5B",
    "InstanceId": "208FDFDB-A4DB-420F-A514-9C4315A6B7D9",
    "OriginalActivityId": "2698178D-FDAD-40AE-9D3C-1371703ADC5B",
    "DiagnosticModuleImageName": "%SystemRoot%\\system32\\diagperf.dll",
    "DiagnosticModuleId": "15FBA3B8-A37A-4F91-BDBA-FBB98FE804BF"
  },
  "message": ""
}

References #

Example event sourced from https://github.com/NextronSystems/evtx-baseline