Microsoft-Windows-Diagnosis-PLA

48 events across 2 channels

Event ID	Title	Channel
1000	Data collector set DataCollectorSetCreation.Name was created by …	Operational
1001	Data collector set DataCollectorSetEdit.Name was changed by …	Operational
1002	Data collector set DataCollectorSetDeletion.Name was deleted by …	Operational
1003	Data collector set DataCollectorSetStart.Name started as …	Operational
1004	Data collector set Name failed to start as User with error code Error.	Operational
1005	Data collector set DataCollectorSetStop.Name stopped.	Operational
1006	Data collector set Name stopped because of error Error.	Operational
1007	Data collector set Name launched task TaskName.	Operational
1008	Data collector set Name failed to launch task TaskName with error code Error.	Operational
1009	PLA upgrade failed with error code Error.	Operational
1010	Counter CounterName could not be added to collector Name, error code is Error.	Operational
1011	Configuration data collector DataCollecotrSet\Name completed.	Operational
1012	Data collector set Name is compiling.	Operational
1013	Data collector set Name segmented.	Operational
1014	Alert Data Collector Name in Data Collector Set DataCollecotrSet failed to start …	Operational
1015	Alert Data Collector Name in Data Collector Set DataCollecotrSet failed to start …	Operational
1016	Alert Data Collector Name in Data Collector Set DataCollecotrSet failed to write …	Operational
1017	PLA failed to send cabinet file CabName to server ServerName, error code is …	Operational
2031	Message.	Operational
3000	Description.	Operational
3001	Description.	Operational
3002	Description.	Operational
5001		Debug
5002		Debug
5003		Debug
5004		Debug
5005		Debug
5006		Debug
5007		Debug
5008		Debug
5009		Debug
5010		Debug
5011		Debug
5012		Debug
5013		Debug
5014		Debug
5015		Debug
5016		Debug
5017		Debug
5018		Debug
5019		Debug
5020		Debug
5021		Debug
5022		Debug
5023		Debug
5024		Debug
5025		Debug
5026		Debug

Event ID 1000 — Data collector set DataCollectorSetCreation.Name was created by DataCollectorSetCreation.UserName.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational
Level: Informational

Description

Data collector set DataCollectorSetCreation.Name was created by DataCollectorSetCreation.UserName.

Message #

Data collector set %1 was created by %2.

Fields #

Name	Description
`DataCollectorSetCreation.Name` UnicodeString	—
`DataCollectorSetCreation.UserName`	—
`Name` UnicodeString	—
`User` UnicodeString	—

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Diagnosis-PLA",
    "guid": "E4D53F84-7DE3-11D8-9435-505054503030",
    "event_source_name": "",
    "event_id": 1000,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T22:03:17.259228+00:00",
    "event_record_id": 1,
    "correlation": {},
    "execution": {
      "process_id": 11200,
      "thread_id": 10592
    },
    "channel": "Microsoft-Windows-Diagnosis-PLA/Operational",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-21-1006758700-2167138679-1475694448-1105"
    }
  },
  "user_data": {
    "DataCollectorSetCreation": {
      "Name": "TestEventCollector",
      "UserName": "ludus\\domainadmin"
    }
  },
  "message": ""
}

Event ID 1001 — Data collector set DataCollectorSetEdit.Name was changed by DataCollectorSetEdit.UserName.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational
Level: Informational

Description

Data collector set DataCollectorSetEdit.Name was changed by DataCollectorSetEdit.UserName.

Message #

Data collector set %1 was changed by %2.

Fields #

Name	Description
`DataCollectorSetEdit.Name` UnicodeString	—
`DataCollectorSetEdit.UserName`	—
`Name` UnicodeString	—
`User` UnicodeString	—

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Diagnosis-PLA",
    "guid": "E4D53F84-7DE3-11D8-9435-505054503030",
    "event_source_name": "",
    "event_id": 1001,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T22:03:18.006697+00:00",
    "event_record_id": 2,
    "correlation": {},
    "execution": {
      "process_id": 10872,
      "thread_id": 11492
    },
    "channel": "Microsoft-Windows-Diagnosis-PLA/Operational",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-19"
    }
  },
  "user_data": {
    "DataCollectorSetEdit": {
      "Name": "TestEventCollector",
      "UserName": "NT AUTHORITY\\LOCAL SERVICE"
    }
  },
  "message": ""
}

Event ID 1002 — Data collector set DataCollectorSetDeletion.Name was deleted by DataCollectorSetDeletion.UserName.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational
Level: Informational

Description

Data collector set DataCollectorSetDeletion.Name was deleted by DataCollectorSetDeletion.UserName.

Message #

Data collector set %1 was deleted by %2.

Fields #

Name	Description
`DataCollectorSetDeletion.Name` UnicodeString	—
`DataCollectorSetDeletion.UserName`	—
`Name` UnicodeString	—
`User` UnicodeString	—

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Diagnosis-PLA",
    "guid": "E4D53F84-7DE3-11D8-9435-505054503030",
    "event_source_name": "",
    "event_id": 1002,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T22:03:24.662101+00:00",
    "event_record_id": 5,
    "correlation": {},
    "execution": {
      "process_id": 8176,
      "thread_id": 4812
    },
    "channel": "Microsoft-Windows-Diagnosis-PLA/Operational",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-21-1006758700-2167138679-1475694448-1105"
    }
  },
  "user_data": {
    "DataCollectorSetDeletion": {
      "Name": "TestEventCollector",
      "UserName": "ludus\\domainadmin"
    }
  },
  "message": ""
}

Event ID 1003 — Data collector set DataCollectorSetStart.Name started as DataCollectorSetStart.UserName.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational
Level: Informational

Description

Data collector set DataCollectorSetStart.Name started as DataCollectorSetStart.UserName.

Message #

Data collector set %1 started as %3.

Fields #

Name	Description
`DataCollectorSetStart.Name` UnicodeString	—
`DataCollectorSetStart.Key` UnicodeString	—
`DataCollectorSetStart.UserName`	—
`Name` UnicodeString	—
`Key` UnicodeString	—
`User` UnicodeString	—

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Diagnosis-PLA",
    "guid": "E4D53F84-7DE3-11D8-9435-505054503030",
    "event_source_name": "",
    "event_id": 1003,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T22:03:18.022218+00:00",
    "event_record_id": 3,
    "correlation": {},
    "execution": {
      "process_id": 12224,
      "thread_id": 11396
    },
    "channel": "Microsoft-Windows-Diagnosis-PLA/Operational",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "DataCollectorSetStart": {
      "Name": "TestEventCollector",
      "Key": "0x1944_0x1eac_0x225e1a275",
      "UserName": "ludus\\LAB-DC01$"
    }
  },
  "message": ""
}

Event ID 1004 — Data collector set Name failed to start as User with error code Error.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

Data collector set Name failed to start as User with error code Error.

Message #

Data collector set %1 failed to start as %3 with error code %4.

Fields #

Name	Description
`Name` UnicodeString	—
`Key` UnicodeString	—
`User` UnicodeString	—
`Error` UInt32	—

Event ID 1005 — Data collector set DataCollectorSetStop.Name stopped.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational
Level: Informational

Description

Data collector set DataCollectorSetStop.Name stopped.

Message #

Data collector set %1 stopped.

Fields #

Name	Description
`DataCollectorSetStop.Name` UnicodeString	—
`Name` UnicodeString	—

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Diagnosis-PLA",
    "guid": "E4D53F84-7DE3-11D8-9435-505054503030",
    "event_source_name": "",
    "event_id": 1005,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T22:03:23.041732+00:00",
    "event_record_id": 4,
    "correlation": {},
    "execution": {
      "process_id": 12224,
      "thread_id": 5752
    },
    "channel": "Microsoft-Windows-Diagnosis-PLA/Operational",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "DataCollectorSetStop": {
      "Name": "TestEventCollector"
    }
  },
  "message": ""
}

Event ID 1006 — Data collector set Name stopped because of error Error.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

Data collector set Name stopped because of error Error.

Message #

Data collector set %1 stopped because of error %2.

Fields #

Name	Description
`Name` UnicodeString	—
`Error` UInt32	—

Event ID 1007 — Data collector set Name launched task TaskName.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

Data collector set Name launched task TaskName.

Message #

Data collector set %1 launched task %2.

Fields #

Name	Description
`Name` UnicodeString	—
`TaskName` UnicodeString	—

Event ID 1008 — Data collector set Name failed to launch task TaskName with error code Error.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

Data collector set Name failed to launch task TaskName with error code Error.

Message #

Data collector set %1 failed to launch task %2 with error code %3.

Fields #

Name	Description
`Name` UnicodeString	—
`TaskName` UnicodeString	—
`Error` UInt32	—

Event ID 1009 — PLA upgrade failed with error code Error.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

PLA upgrade failed with error code Error.

Message #

PLA upgrade failed with error code %1.

Fields #

Name	Description
`Error` UInt32	—

Event ID 1010 — Counter CounterName could not be added to collector Name, error code is Error.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

Counter CounterName could not be added to collector Name, error code is Error.

Message #

Counter %2 could not be added to collector %1, error code is %3.

Fields #

Name	Description
`Name` UnicodeString	—
`CounterName` UnicodeString	—
`Error` UInt32	—

Event ID 1011 — Configuration data collector DataCollecotrSet\Name completed.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

Configuration data collector DataCollecotrSet\Name completed.

Message #

Configuration data collector %1\%2 completed.

Fields #

Name	Description
`DataCollecotrSet` UnicodeString	—
`Name` UnicodeString	—

Event ID 1012 — Data collector set Name is compiling.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

Data collector set Name is compiling.

Message #

Data collector set %1 is compiling.

Fields #

Name	Description
`Name` UnicodeString	—

Event ID 1013 — Data collector set Name segmented.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

Data collector set Name segmented.

Message #

Data collector set %1 segmented.

Fields #

Name	Description
`Name` UnicodeString	—

Event ID 1014 — Alert Data Collector Name in Data Collector Set DataCollecotrSet failed to start task, error code is Error.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

Alert Data Collector Name in Data Collector Set DataCollecotrSet failed to start task, error code is Error.

Message #

Alert Data Collector %2 in Data Collector Set %1 failed to start task, error code is %3.

Fields #

Name	Description
`DataCollecotrSet` UnicodeString	—
`Name` UnicodeString	—
`Error` UInt32	—

Event ID 1015 — Alert Data Collector Name in Data Collector Set DataCollecotrSet failed to start Data Collector Set, error code is Error.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

Alert Data Collector Name in Data Collector Set DataCollecotrSet failed to start Data Collector Set, error code is Error.

Message #

Alert Data Collector %2 in Data Collector Set %1 failed to start Data Collector Set, error code is %3.

Fields #

Name	Description
`DataCollecotrSet` UnicodeString	—
`Name` UnicodeString	—
`Error` UInt32	—

Event ID 1016 — Alert Data Collector Name in Data Collector Set DataCollecotrSet failed to write event log event, error code is Error.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

Alert Data Collector Name in Data Collector Set DataCollecotrSet failed to write event log event, error code is Error.

Message #

Alert Data Collector %2 in Data Collector Set %1 failed to write event log event, error code is %3.

Fields #

Name	Description
`DataCollecotrSet` UnicodeString	—
`Name` UnicodeString	—
`Error` UInt32	—

Event ID 1017 — PLA failed to send cabinet file CabName to server ServerName, error code is Error.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Description

PLA failed to send cabinet file CabName to server ServerName, error code is Error.

Message #

PLA failed to send cabinet file %2 to server %1, error code is %3.

Fields #

Name	Description
`ServerName` UnicodeString	—
`CabName` UnicodeString	—
`Error` UInt32	—

Event ID 2031 — Message.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Message #

%5

Fields #

Name	Description
`Counter` UnicodeString	—
`Value` UnicodeString	—
`Operator` UnicodeString	—
`Threshold` UnicodeString	—
`Message` UnicodeString	—

Event ID 3000 — Description.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Message #

%2

Fields #

Name	Description
`ReportFileName` UnicodeString	—
`Description` UnicodeString	—

Event ID 3001 — Description.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Message #

%2

Fields #

Name	Description
`ReportFileName` UnicodeString	—
`Description` UnicodeString	—

Event ID 3002 — Description.

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Operational

Message #

%2

Fields #

Name	Description
`ReportFileName` UnicodeString	—
`Description` UnicodeString	—

Event ID 5001 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`BuildNumber` UInt32	—
`BuildType` AnsiString	—

Event ID 5002 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`BuildNumber` UInt32	—
`BuildType` AnsiString	—

Event ID 5003 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Reason` UInt32	—
`Result` UInt32	—

Event ID 5004 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` UnicodeString	—
`FileName` UnicodeString	—

Event ID 5005 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` UnicodeString	—
`SerialNumber` UInt32	—

Event ID 5006 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` UnicodeString	—

Event ID 5007 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` UnicodeString	—

Event ID 5008 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` UnicodeString	—
`SerialNumber` UInt32	—

Event ID 5009 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` UnicodeString	—
`Index` UInt32	—

Event ID 5010 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` UnicodeString	—

Event ID 5011 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` UnicodeString	—
`FileName` UnicodeString	—

Event ID 5012 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` UnicodeString	—

Event ID 5013 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Message` UnicodeString	—
`FileName` AnsiString	—
`Line` UInt32	—

Event ID 5014 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`FileName` AnsiString	—
`Line` UInt32	—
`Address` Pointer	—
`Size` Pointer	—

Event ID 5015 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`FileName` AnsiString	—
`Line` UInt32	—
`Address` Pointer	—

Event ID 5016 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`FileName` AnsiString	—
`Line` UInt32	—
`Address` Pointer	—
`Size` Pointer	—

Event ID 5017 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`FileName` AnsiString	—
`Line` UInt32	—
`Address` Pointer	—

Event ID 5018 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`FileName` AnsiString	—
`Line` UInt32	—
`Address` Pointer	—
`Size` Pointer	—
`OrigAddress` Pointer	—

Event ID 5019 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`FileName` AnsiString	—
`Line` UInt32	—
`Address` Pointer	—
`Size` Pointer	—

Event ID 5020 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`FileName` AnsiString	—
`Line` UInt32	—
`Address` Pointer	—

Event ID 5021 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` AnsiString	—
`Address` Pointer	—

Event ID 5022 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` AnsiString	—
`Address` Pointer	—

Event ID 5023 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` AnsiString	—
`Address` Pointer	—
`RefCount` UInt32	—

Event ID 5024 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` AnsiString	—
`Address` Pointer	—
`RefCount` UInt32	—

Event ID 5025 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Name` AnsiString	—
`Address` Pointer	—
`RefCount` UInt32	—

Event ID 5026 —

Provider: Microsoft-Windows-Diagnosis-PLA
Channel: Debug

Fields #

Name	Description
`Error` UInt32	—
`FileName` AnsiString	—
`Line` UInt32	—
`Function` AnsiString	—
`User` UnicodeString	—