Microsoft-Windows-PktMon

32 events across 1 channel

Event ID	Title	Channel
10	PktMon driver failed to load.	Operational
20	Component %1, Type %2, Name %3, %4.	Operational
30	Property: Component %1, %2 = %3.	Operational
40	Property: Component %1, %2 = %3.	Operational
50	Property: Component %1, %2 = %3.	Operational
60	Property: Component %1, %2 = %3.	Operational
65	Property: Component %1, %2 = %3.	Operational
66	Property: Component %1, %2 = %3.	Operational
70	Property: Component %1, %2 = %4.	Operational
73	Property: Component %1, %2 = %3.	Operational
75	Property: Component %1, %2 = %3.	Operational
80	Drop Counters: Component %1, Direction In = %2, Packets In %3, Bytes In %4, …	Operational
90	Flow Counters: Component %1, Edge %2, Edge Id %3, Direction In = %4, Packets In …	Operational
100	Packet Filter %1, Name %2, MAC-1 %3, MAC-2 %4, EtherType %5, VlanId %6, IP-1 %7, …	Operational
110	Packet Filter %1, Name %2, MAC-1 %3, MAC-2 %4, EtherType %5, VlanId %6, IP-1 %7, …	Operational
120	MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, …	Operational
130	MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, …	Operational
140	Drop: MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, …	Operational
150	Drop: MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, …	Operational
160	PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, …	Operational
170	Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, …	Operational
180	TcpIpChecksum %11, TcpLargeSend %12, Ieee8021Q %13, HashInfo %14, HashValue %15, …	Operational
190	Drop: TcpIpChecksum %11, TcpLargeSend %12, Ieee8021Q %13, HashInfo %14, …	Operational
200	Direction %1, Type %2, Component %3, Edge %4, Filter %5, OriginalSize %13, …	Operational
210	Drop: Direction %1, Type %2, Component %3, Filter %5, DropReason %6, …	Operational
220	Direction %1, Type %2, Component %3, Edge %4, Filter %5, OriginalSize %13, …	Operational
230	Drop: Direction %1, Type %2, Component %3, Filter %5, DropReason %6, …	Operational
240	Duplicate Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type …	Operational
250	PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, …	Operational
260	Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, …	Operational
270	Component added: Id %1, Type %2, Name %3, %4.	Operational
280	Component removed: Id %1, Type %2, Name %3, %4.	Operational

Event ID 10 — PktMon driver failed to load.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

PktMon driver failed to load. Error: %1.

Fields

Name	Description
`Status`	—

Event ID 20 — Component %1, Type %2, Name %3, %4.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Component %1, Type %2, Name %3, %4

Fields

Name	Description
`Id`	—
`Type`	—
`Name`	—
`Description`	—

Event ID 30 — Property: Component %1, %2 = %3.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Property: Component %1, %2 = %3

Fields

Name	Description
`ComponentId`	—
`Type`	—
`Value`	—

Event ID 40 — Property: Component %1, %2 = %3.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Property: Component %1, %2 = %3

Fields

Name	Description
`ComponentId`	—
`Type`	—
`Value`	—

Event ID 50 — Property: Component %1, %2 = %3.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Property: Component %1, %2 = %3

Fields

Name	Description
`ComponentId`	—
`Type`	—
`Value`	—

Event ID 60 — Property: Component %1, %2 = %3.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Property: Component %1, %2 = %3

Fields

Name	Description
`ComponentId`	—
`Type`	—
`Value`	—

Event ID 65 — Property: Component %1, %2 = %3.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Property: Component %1, %2 = %3

Fields

Name	Description
`ComponentId`	—
`Type`	—
`IpAddress`	—

Event ID 66 — Property: Component %1, %2 = %3.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Property: Component %1, %2 = %3

Fields

Name	Description
`ComponentId`	—
`Type`	—
`IpAddress`	—

Event ID 70 — Property: Component %1, %2 = %4.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Property: Component %1, %2 = %4

Fields

Name	Description
`ComponentId`	—
`Type`	—
`Size`	—
`Value`	—

Event ID 73 — Property: Component %1, %2 = %3.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Property: Component %1, %2 = %3

Fields

Name	Description
`ComponentId`	—
`Type`	—
`Value`	—

Event ID 75 — Property: Component %1, %2 = %3.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Property: Component %1, %2 = %3

Fields

Name	Description
`ComponentId`	—
`Type`	—
`EtherType`	—

Event ID 80 — Drop Counters: Component %1, Direction In = %2, Packets In %3, Bytes In %4, Direction Out = %5, Packets Out %6, Bytes Out %7.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Drop Counters: Component %1, Direction In = %2, Packets In %3, Bytes In %4, Direction Out = %5, Packets Out %6, Bytes Out %7

Fields

Name	Description
`ComponentId`	—
`DirTagIn`	—
`PacketsIn`	—
`BytesIn`	—
`DirTagOut`	—
`PacketsOut`	—
`BytesOut`	—

Event ID 90 — Flow Counters: Component %1, Edge %2, Edge Id %3, Direction In = %4, Packets In %5, Bytes In %6, Direction Out = %7, Packets Out %8, Bytes Out %9.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Flow Counters: Component %1, Edge %2, Edge Id %3, Direction In = %4, Packets In %5, Bytes In %6, Direction Out = %7, Packets Out %8, Bytes Out %9

Fields

Name	Description
`ComponentId`	—
`EdgeName`	—
`EdgeId`	—
`DirTagIn`	—
`PacketsIn`	—
`BytesIn`	—
`DirTagOut`	—
`PacketsOut`	—
`BytesOut`	—

Event ID 100 — Packet Filter %1, Name %2, MAC-1 %3, MAC-2 %4, EtherType %5, VlanId %6, IP-1 %7, IP-2 %8, Protocol %9, Port-1 %10, Port-2 %11, TCPFlags %12.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Packet Filter %1, Name %2, MAC-1 %3, MAC-2 %4, EtherType %5, VlanId %6, IP-1 %7, IP-2 %8, Protocol %9, Port-1 %10, Port-2 %11, TCPFlags %12

Fields

Name	Description
`FilterId`	—
`FilterName`	—
`MacAddress1`	—
`MacAddress2`	—
`EtherType`	—
`VlanId`	—
`IpAddress1`	—
`IpAddress2`	—
`Protocol`	—
`Port1`	—
`Port2`	—
`TCPFlags`	—

Event ID 110 — Packet Filter %1, Name %2, MAC-1 %3, MAC-2 %4, EtherType %5, VlanId %6, IP-1 %7, IP-2 %8, Protocol %9, Port-1 %10, Port-2 %11, TCPFlags %12.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Packet Filter %1, Name %2, MAC-1 %3, MAC-2 %4, EtherType %5, VlanId %6, IP-1 %7, IP-2 %8, Protocol %9, Port-1 %10, Port-2 %11, TCPFlags %12

Fields

Name	Description
`FilterId`	—
`FilterName`	—
`MacAddress1`	—
`MacAddress2`	—
`EtherType`	—
`VlanId`	—
`IpAddress1`	—
`IpAddress2`	—
`Protocol`	—
`Port1`	—
`Port2`	—
`TCPFlags`	—

Event ID 120 — MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11, PktC...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11, PktCount %12, Appearance %13, Direction %14, Type %15, Component %16, Edge %17, Filter %18

Fields

Name	Description
`DestinationMAC`	—
`SourceMAC`	—
`EtherType`	—
`VlanId`	—
`DestinationIP`	—
`SourceIP`	—
`Protocol`	—
`DestinationPort`	—
`SourcePort`	—
`TCPFlags`	—
`PktGroupId`	—
`PktCount`	—
`AppearanceCount`	—
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—

Event ID 130 — MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11, PktC...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11, PktCount %12, Appearance %13, Direction %14, Type %15, Component %16, Edge %17, Filter %18

Fields

Name	Description
`DestinationMAC`	—
`SourceMAC`	—
`EtherType`	—
`VlanId`	—
`DestinationIP`	—
`SourceIP`	—
`Protocol`	—
`DestinationPort`	—
`SourcePort`	—
`TCPFlags`	—
`PktGroupId`	—
`PktCount`	—
`AppearanceCount`	—
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—

Event ID 140 — Drop: MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Drop: MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11, PktCount %12, Appearance %13, Direction %14, Type %15, Component %16, Edge %17, Filter %18, DropReason %19, DropLocation %20

Fields

Name	Description
`DestinationMAC`	—
`SourceMAC`	—
`EtherType`	—
`VlanId`	—
`DestinationIP`	—
`SourceIP`	—
`Protocol`	—
`DestinationPort`	—
`SourcePort`	—
`TCPFlags`	—
`PktGroupId`	—
`PktCount`	—
`AppearanceCount`	—
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—

Event ID 150 — Drop: MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Drop: MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11, PktCount %12, Appearance %13, Direction %14, Type %15, Component %16, Edge %17, Filter %18, DropReason %19, DropLocation %20

Fields

Name	Description
`DestinationMAC`	—
`SourceMAC`	—
`EtherType`	—
`VlanId`	—
`DestinationIP`	—
`SourceIP`	—
`Protocol`	—
`DestinationPort`	—
`SourcePort`	—
`TCPFlags`	—
`PktGroupId`	—
`PktCount`	—
`AppearanceCount`	—
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—

Event ID 160 — PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, Filter %8, OriginalSize %11, LoggedSize %12.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, Filter %8, OriginalSize %11, LoggedSize %12

Fields

Name	Description
`PktGroupId`	—
`PktNumber`	—
`AppearanceCount`	—
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—
`OriginalPayloadSize`	—
`LoggedPayloadSize`	—
`Payload`	—

Event ID 170 — Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Filter %8, DropReason %9, DropLocation %10, OriginalSize %11...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Filter %8, DropReason %9, DropLocation %10, OriginalSize %11, LoggedSize %12

Fields

Name	Description
`PktGroupId`	—
`PktNumber`	—
`AppearanceCount`	—
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—
`OriginalPayloadSize`	—
`LoggedPayloadSize`	—
`Payload`	—

Event ID 180 — TcpIpChecksum %11, TcpLargeSend %12, Ieee8021Q %13, HashInfo %14, HashValue %15, VirtualSubnetInfo %16, TcpRecvSegCoalesceInfo %17, NrtNameResoluti...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

TcpIpChecksum %11, TcpLargeSend %12, Ieee8021Q %13, HashInfo %14, HashValue %15, VirtualSubnetInfo %16, TcpRecvSegCoalesceInfo %17, NrtNameResolutionId %18, TcpSendOffloadsSupplementalInfo %19, SwitchForwardingDetail %20, GftOffloadInfo %21, GftFlowEntryId %22, PktGroupId %1, PktCount %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, Filter %8

Fields

Name	Description
`PktGroupId`	—
`PktCount`	—
`AppearanceCount`	—
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—
`TcpIpChecksum`	—
`TcpLargeSend`	—
`Ieee8021Q`	—
`HashInfo`	—
`HashValue`	—
`VirtualSubnetInfo`	—
`TcpRecvSegCoalesceInfo`	—
`NrtNameResolutionId`	—
`TcpSendOffloadsSupplementalInfo`	—
`SwitchForwardingDetail`	—
`GftOffloadInfo`	—
`GftFlowEntryId`	—

Event ID 190 — Drop: TcpIpChecksum %11, TcpLargeSend %12, Ieee8021Q %13, HashInfo %14, HashValue %15, VirtualSubnetInfo %16, TcpRecvSegCoalesceInfo %17, NrtNameRe...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Drop: TcpIpChecksum %11, TcpLargeSend %12, Ieee8021Q %13, HashInfo %14, HashValue %15, VirtualSubnetInfo %16, TcpRecvSegCoalesceInfo %17, NrtNameResolutionId %18, TcpSendOffloadsSupplementalInfo %19, SwitchForwardingDetail %20, GftOffloadInfo %21, GftFlowEntryId %22, PktGroupId %1, PktCount %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, Filter %8, DropReason %9, DropLocation %10

Fields

Name	Description
`PktGroupId`	—
`PktCount`	—
`AppearanceCount`	—
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—
`TcpIpChecksum`	—
`TcpLargeSend`	—
`Ieee8021Q`	—
`HashInfo`	—
`HashValue`	—
`VirtualSubnetInfo`	—
`TcpRecvSegCoalesceInfo`	—
`NrtNameResolutionId`	—
`TcpSendOffloadsSupplementalInfo`	—
`SwitchForwardingDetail`	—
`GftOffloadInfo`	—
`GftFlowEntryId`	—

Event ID 200 — Direction %1, Type %2, Component %3, Edge %4, Filter %5, OriginalSize %13, LoggedSize %14.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Direction %1, Type %2, Component %3, Edge %4, Filter %5, OriginalSize %13, LoggedSize %14

Fields

Name	Description
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—
`DestinationIP`	—
`SourceIP`	—
`Protocol`	—
`DestinationPort`	—
`SourcePort`	—
`OriginalPayloadSize`	—
`LoggedPayloadSize`	—
`Payload`	—

Event ID 210 — Drop: Direction %1, Type %2, Component %3, Filter %5, DropReason %6, DropLocation %7, OriginalSize %13, LoggedSize %14.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Drop: Direction %1, Type %2, Component %3, Filter %5, DropReason %6, DropLocation %7, OriginalSize %13, LoggedSize %14

Fields

Name	Description
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—
`DestinationIP`	—
`SourceIP`	—
`Protocol`	—
`DestinationPort`	—
`SourcePort`	—
`OriginalPayloadSize`	—
`LoggedPayloadSize`	—
`Payload`	—

Event ID 220 — Direction %1, Type %2, Component %3, Edge %4, Filter %5, OriginalSize %13, LoggedSize %14.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Direction %1, Type %2, Component %3, Edge %4, Filter %5, OriginalSize %13, LoggedSize %14

Fields

Name	Description
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—
`DestinationIP`	—
`SourceIP`	—
`Protocol`	—
`DestinationPort`	—
`SourcePort`	—
`OriginalPayloadSize`	—
`LoggedPayloadSize`	—
`Payload`	—

Event ID 230 — Drop: Direction %1, Type %2, Component %3, Filter %5, DropReason %6, DropLocation %7, OriginalSize %13, LoggedSize %14.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Drop: Direction %1, Type %2, Component %3, Filter %5, DropReason %6, DropLocation %7, OriginalSize %13, LoggedSize %14

Fields

Name	Description
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—
`DestinationIP`	—
`SourceIP`	—
`Protocol`	—
`DestinationPort`	—
`SourcePort`	—
`OriginalPayloadSize`	—
`LoggedPayloadSize`	—
`Payload`	—

Event ID 240 — Duplicate Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Filter %8, DropReason %9, DropLocation %10, Origin...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Duplicate Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Filter %8, DropReason %9, DropLocation %10, OriginalSize %11, LoggedSize %12

Fields

Name	Description
`PktGroupId`	—
`PktNumber`	—
`AppearanceCount`	—
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—
`OriginalPayloadSize`	—
`LoggedPayloadSize`	—
`Payload`	—

Event ID 250 — PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, %11 %12.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, %11 %12

Fields

Name	Description
`PktGroupId`	—
`PktNumber`	—
`AppearanceCount`	—
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—
`Type`	—
`PktContext`	—

Event ID 260 — Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, DropReason %9, DropLocation %10, %11 %12.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, DropReason %9, DropLocation %10, %11 %12

Fields

Name	Description
`PktGroupId`	—
`PktNumber`	—
`AppearanceCount`	—
`DirTag`	—
`PacketType`	—
`ComponentId`	—
`EdgeId`	—
`FilterId`	—
`DropReason`	—
`DropLocation`	—
`Type`	—
`PktContext`	—

Event ID 270 — Component added: Id %1, Type %2, Name %3, %4.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Component added: Id %1, Type %2, Name %3, %4

Fields

Name	Description
`Id`	—
`Type`	—
`Name`	—
`Description`	—

Event ID 280 — Component removed: Id %1, Type %2, Name %3, %4.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message

Component removed: Id %1, Type %2, Name %3, %4

Fields

Name	Description
`Id`	—
`Type`	—
`Name`	—
`Description`	—