Event ID 125 — Diagnostic module DiagnosticModuleId (DiagnosticModuleImageName) started resolving scenario ScenarioId, instance InstanceId, original activity ID OriginalActivityId.
Description
Diagnostic module DiagnosticModuleId (DiagnosticModuleImageName) started resolving scenario ScenarioId, instance InstanceId, original activity ID OriginalActivityId.
Message #
Fields #
| Name | Description |
|---|---|
ScenarioId GUID | — |
InstanceId GUID | — |
OriginalActivityId GUID | — |
DiagnosticModuleImageName UnicodeString | — |
DiagnosticModuleId GUID | — |
Example Event #
{
"system": {
"provider": "Microsoft-Windows-Diagnosis-DPS",
"guid": "6BBA3851-2C7E-4DEA-8F54-31E5AFD029E3",
"event_source_name": "",
"event_id": 125,
"version": 0,
"level": 4,
"task": 1,
"opcode": 17,
"keywords": 4611686052787126272,
"time_created": "2023-11-06T01:57:37.136481+00:00",
"event_record_id": 73,
"correlation": {
"ActivityID": "44552D3D-0E8F-4E4A-B552-A11F4B96A461"
},
"execution": {
"process_id": 3160,
"thread_id": 20000
},
"channel": "Microsoft-Windows-Diagnosis-DPS/Operational",
"computer": "WinDev2310Eval",
"security": {
"user_id": "S-1-5-19"
}
},
"event_data": {
"ScenarioId": "180B3A99-8C39-4F12-B631-2031998EFE45",
"InstanceId": "44552D3D-0E8F-4E4A-B552-A11F4B96A461",
"OriginalActivityId": "00000000-0000-0000-0000-000000000000",
"DiagnosticModuleImageName": "%windir%\\system32\\radarrs.dll",
"DiagnosticModuleId": "5EE64AFB-398D-4EDB-AF71-3B830219ABF7"
},
"message": ""
}
References #
- Example event sourced from https://github.com/NextronSystems/evtx-baseline