Event ID 110 — Diagnostic module DiagnosticModuleId (DiagnosticModuleImageName) finished troubleshooting scenario ScenarioId, instance InstanceId, original activity ID OriginalActivityId.
Description
Diagnostic module DiagnosticModuleId (DiagnosticModuleImageName) finished troubleshooting scenario ScenarioId, instance InstanceId, original activity ID OriginalActivityId. No resolution was set by the diagnostic module.
Message #
Fields #
| Name | Description |
|---|---|
ScenarioId GUID | — |
InstanceId GUID | — |
OriginalActivityId GUID | — |
DiagnosticModuleImageName UnicodeString | — |
DiagnosticModuleId GUID | — |
Example Event #
{
"system": {
"provider": "Microsoft-Windows-Diagnosis-DPS",
"guid": "6BBA3851-2C7E-4DEA-8F54-31E5AFD029E3",
"event_source_name": "",
"event_id": 110,
"version": 0,
"level": 4,
"task": 1,
"opcode": 14,
"keywords": 4611686052787126272,
"time_created": "2023-11-05T22:33:58.076518+00:00",
"event_record_id": 55,
"correlation": {
"ActivityID": "51DC3142-BD1D-4BBF-9040-E1AF3322EAF0"
},
"execution": {
"process_id": 3160,
"thread_id": 3436
},
"channel": "Microsoft-Windows-Diagnosis-DPS/Operational",
"computer": "WinDev2310Eval",
"security": {
"user_id": "S-1-5-19"
}
},
"event_data": {
"ScenarioId": "86432A0B-3C7D-4DDF-A89C-172FAA90485D",
"InstanceId": "51DC3142-BD1D-4BBF-9040-E1AF3322EAF0",
"OriginalActivityId": "86432A0B-3C7D-4DDF-A89C-172FAA90485D",
"DiagnosticModuleImageName": "%SystemRoot%\\system32\\diagperf.dll",
"DiagnosticModuleId": "C8544339-5BE9-4F25-862E-485F1B1A6935"
},
"message": ""
}
References #
- Example event sourced from https://github.com/NextronSystems/evtx-baseline