Description

The scripted diagnostic engine executed a diagnostic package located at PackagePath with ID PackageId.

Message #

The scripted diagnostic engine executed a diagnostic package located at %1 with ID %2.

Fields #

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Diagnosis-Scripted",
    "guid": "E1DD7E52-621D-44E3-A1AD-0370C2B25946",
    "event_source_name": "",
    "event_id": 1,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372054034644992,
    "time_created": "2022-04-04T07:40:10.131934+00:00",
    "event_record_id": 1,
    "correlation": {},
    "execution": {
      "process_id": 4124,
      "thread_id": 4192
    },
    "channel": "Microsoft-Windows-Diagnosis-Scripted/Admin",
    "computer": "WIN-TKC15D7KHUR",
    "security": {
      "user_id": "S-1-5-21-1958040314-2592322477-2606035944-500"
    }
  },
  "event_data": {
    "PackagePath": "C:\\Windows\\diagnostics\\scheduled\\Maintenance",
    "PackageId": "MaintenanceDiagnostic"
  },
  "message": ""
}

References #

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Description

The scripted diagnostic engine started initializing a diagnostic package located at PackagePath.

Message #

The scripted diagnostic engine started initializing a diagnostic package located at %1.

Fields #

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Diagnosis-Scripted",
    "guid": "E1DD7E52-621D-44E3-A1AD-0370C2B25946",
    "event_source_name": "",
    "event_id": 101,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686052787126272,
    "time_created": "2022-04-04T07:40:09.755421+00:00",
    "event_record_id": 1,
    "correlation": {},
    "execution": {
      "process_id": 4124,
      "thread_id": 4192
    },
    "channel": "Microsoft-Windows-Diagnosis-Scripted/Operational",
    "computer": "WIN-TKC15D7KHUR",
    "security": {
      "user_id": "S-1-5-21-1958040314-2592322477-2606035944-500"
    }
  },
  "event_data": {
    "PackagePath": "C:\\Windows\\diagnostics\\scheduled\\Maintenance"
  },
  "message": ""
}

References #

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Description

The scripted diagnostic engine completed initializing a diagnostic package located at PackagePath.

Message #

The scripted diagnostic engine completed initializing a diagnostic package located at %1.

Fields #

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Diagnosis-Scripted",
    "guid": "E1DD7E52-621D-44E3-A1AD-0370C2B25946",
    "event_source_name": "",
    "event_id": 102,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686052787126272,
    "time_created": "2022-04-04T07:40:10.131933+00:00",
    "event_record_id": 2,
    "correlation": {},
    "execution": {
      "process_id": 4124,
      "thread_id": 4192
    },
    "channel": "Microsoft-Windows-Diagnosis-Scripted/Operational",
    "computer": "WIN-TKC15D7KHUR",
    "security": {
      "user_id": "S-1-5-21-1958040314-2592322477-2606035944-500"
    }
  },
  "event_data": {
    "PackagePath": "C:\\Windows\\diagnostics\\scheduled\\Maintenance"
  },
  "message": ""
}

References #

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Description

The scripted diagnostic engine started diagnosing the diagnostic package PackageId.

Message #

The scripted diagnostic engine started diagnosing the diagnostic package %1.

Fields #

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Diagnosis-Scripted",
    "guid": "E1DD7E52-621D-44E3-A1AD-0370C2B25946",
    "event_source_name": "",
    "event_id": 103,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686052787126272,
    "time_created": "2022-04-04T07:40:10.133706+00:00",
    "event_record_id": 3,
    "correlation": {},
    "execution": {
      "process_id": 4124,
      "thread_id": 4192
    },
    "channel": "Microsoft-Windows-Diagnosis-Scripted/Operational",
    "computer": "WIN-TKC15D7KHUR",
    "security": {
      "user_id": "S-1-5-21-1958040314-2592322477-2606035944-500"
    }
  },
  "event_data": {
    "PackageId": "MaintenanceDiagnostic"
  },
  "message": ""
}

References #

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Description

The scripted diagnostic engine completed diagnosing the diagnostic package PackageId.

Message #

The scripted diagnostic engine completed diagnosing the diagnostic package %1.

Fields #

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Diagnosis-Scripted",
    "guid": "E1DD7E52-621D-44E3-A1AD-0370C2B25946",
    "event_source_name": "",
    "event_id": 104,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686052787126272,
    "time_created": "2022-04-04T07:40:22.886890+00:00",
    "event_record_id": 4,
    "correlation": {},
    "execution": {
      "process_id": 4124,
      "thread_id": 4192
    },
    "channel": "Microsoft-Windows-Diagnosis-Scripted/Operational",
    "computer": "WIN-TKC15D7KHUR",
    "security": {
      "user_id": "S-1-5-21-1958040314-2592322477-2606035944-500"
    }
  },
  "event_data": {
    "PackageId": "MaintenanceDiagnostic"
  },
  "message": ""
}

References #

• Example event sourced from https://github.com/NextronSystems/evtx-baseline

Description

The scripted diagnostic engine started running the resolution ResolutionId in the diagnostic package PackageId.

Message #

The scripted diagnostic engine started running the resolution %2 in the diagnostic package %1.

Fields #

Description

The scripted diagnostic engine completed running the resolution ResolutionId in the diagnostic package PackageId.

Message #

The scripted diagnostic engine completed running the resolution %2 in the diagnostic package %1.

Fields #

Description

The scripted diagnostic engine started verifying the diagnostic package PackageId.

Message #

The scripted diagnostic engine started verifying the diagnostic package %1.

Fields #

Description

The scripted diagnostic engine completed verifying the diagnostic package PackageId.

Message #

The scripted diagnostic engine completed verifying the diagnostic package %1.

Fields #

Description

The scripted diagnostic engine has encountered an error Status.

Message #

The scripted diagnostic engine has encountered an error %1.

Fields #

Description

The scripted diagnostic engine has encountered an error in function FunctionName, line LineNumber: ErrorCode.

Message #

The scripted diagnostic engine has encountered an error in function %1, line %2: %3.

Fields #

Description

Rootcause RootCauseId was detected in package PackageId.

Message #

Rootcause %2 was detected in package %1.

Fields #

Description

Rootcause RootCauseId was resolved in package PackageId.

Message #

Rootcause %2 was resolved in package %1.

Fields #

Description

The scripted diagnostic engine has entered a performance tracing section.

Message #

The scripted diagnostic engine has entered a performance tracing section.

Description

The scripted diagnostic engine has exited a performance tracing section..

Message #

The scripted diagnostic engine has exited a performance tracing section..

Description

The scripted diagnostic engine has entered a performance tracing section.

Message #

The scripted diagnostic engine has entered a performance tracing section.

Description

The scripted diagnostic engine has exited a performance tracing section..

Message #

The scripted diagnostic engine has exited a performance tracing section..

Description

The scripted diagnostic engine has entered a performance tracing section.

Message #

The scripted diagnostic engine has entered a performance tracing section.

Description

The scripted diagnostic engine has exited a performance tracing section..

Message #

The scripted diagnostic engine has exited a performance tracing section..

Description

The scripted diagnostic engine has entered a performance tracing section.

Message #

The scripted diagnostic engine has entered a performance tracing section.

Description

The scripted diagnostic engine has exited a performance tracing section..

Message #

The scripted diagnostic engine has exited a performance tracing section..

Description

The scripted diagnostic engine has entered a performance tracing section.

Message #

The scripted diagnostic engine has entered a performance tracing section.

Description

The scripted diagnostic engine has exited a performance tracing section..

Message #

The scripted diagnostic engine has exited a performance tracing section..

Description

The scripted diagnostic engine has entered a performance tracing section.

Message #

The scripted diagnostic engine has entered a performance tracing section.

Description

The scripted diagnostic engine has exited a performance tracing section..

Message #

The scripted diagnostic engine has exited a performance tracing section..