Microsoft-Windows-PktMon

32 events across 1 channel

Event ID	Title	Channel
10	PktMon driver failed to load.	Operational
20	Component Id, Type Type, Name Name, Description.	Operational
30	Property: Component ComponentId, Type = Value.	Operational
40	Property: Component ComponentId, Type = Value.	Operational
50	Property: Component ComponentId, Type = Value.	Operational
60	Property: Component ComponentId, Type = Value.	Operational
65	Property: Component ComponentId, Type = IpAddress.	Operational
66	Property: Component ComponentId, Type = IpAddress.	Operational
70	Property: Component ComponentId, Type = Value.	Operational
73	Property: Component ComponentId, Type = Value.	Operational
75	Property: Component ComponentId, Type = EtherType.	Operational
80	Drop Counters: Component ComponentId, Direction In = DirTagIn, Packets In …	Operational
90	Flow Counters: Component ComponentId, Edge EdgeName, Edge Id EdgeId, Direction …	Operational
100	Packet Filter FilterId, Name FilterName, MAC-1 MacAddress1, MAC-2 MacAddress2, …	Operational
110	Packet Filter FilterId, Name FilterName, MAC-1 MacAddress1, MAC-2 MacAddress2, …	Operational
120	MAC Dest DestinationMAC, MAC Src SourceMAC, EtherType EtherType, VlanId VlanId, …	Operational
130	MAC Dest DestinationMAC, MAC Src SourceMAC, EtherType EtherType, VlanId VlanId, …	Operational
140	Drop: MAC Dest DestinationMAC, MAC Src SourceMAC, EtherType EtherType, VlanId …	Operational
150	Drop: MAC Dest DestinationMAC, MAC Src SourceMAC, EtherType EtherType, VlanId …	Operational
160	PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, …	Operational
170	Drop: PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, …	Operational
180	TcpIpChecksum TcpIpChecksum, TcpLargeSend TcpLargeSend, Ieee8021Q Ieee8021Q, …	Operational
190	Drop: TcpIpChecksum TcpIpChecksum, TcpLargeSend TcpLargeSend, Ieee8021Q …	Operational
200	Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, Filter …	Operational
210	Drop: Direction DirTag, Type PacketType, Component ComponentId, Filter FilterId, …	Operational
220	Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, Filter …	Operational
230	Drop: Direction DirTag, Type PacketType, Component ComponentId, Filter FilterId, …	Operational
240	Duplicate Drop: PktGroupId PktGroupId, PktNumber PktNumber, Appearance …	Operational
250	PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, …	Operational
260	Drop: PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, …	Operational
270	Component added: Id Id, Type Type, Name Name, Description.	Operational
280	Component removed: Id Id, Type Type, Name Name, Description.	Operational

Event ID 10 — PktMon driver failed to load.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

PktMon driver failed to load. Error: Status.

Message #

PktMon driver failed to load. Error: %1.

Fields #

Name	Description
`Status` UInt32	— NTSTATUS reference

Event ID 20 — Component Id, Type Type, Name Name, Description.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Component Id, Type Type, Name Name, Description.

Message #

Component %1, Type %2, Name %3, %4

Fields #

Name	Description
`Id` UInt16	—
`Type` UInt16	—
`Name` UnicodeString	—
`Description` UnicodeString	—

Event ID 30 — Property: Component ComponentId, Type = Value.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Property: Component ComponentId, Type = Value.

Message #

Property: Component %1, %2 = %3

Fields #

Name	Description
`ComponentId` UInt16	—
`Type` UInt16	—
`Value` UInt32	—

Event ID 40 — Property: Component ComponentId, Type = Value.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Property: Component ComponentId, Type = Value.

Message #

Property: Component %1, %2 = %3

Fields #

Name	Description
`ComponentId` UInt16	—
`Type` UInt16	—
`Value` GUID	—

Event ID 50 — Property: Component ComponentId, Type = Value.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Property: Component ComponentId, Type = Value.

Message #

Property: Component %1, %2 = %3

Fields #

Name	Description
`ComponentId` UInt16	—
`Type` UInt16	—
`Value` UInt32	—

Event ID 60 — Property: Component ComponentId, Type = Value.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Property: Component ComponentId, Type = Value.

Message #

Property: Component %1, %2 = %3

Fields #

Name	Description
`ComponentId` UInt16	—
`Type` UInt16	—
`Value` UInt16	—

Event ID 65 — Property: Component ComponentId, Type = IpAddress.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Property: Component ComponentId, Type = IpAddress.

Message #

Property: Component %1, %2 = %3

Fields #

Name	Description
`ComponentId` UInt16	—
`Type` UInt16	—
`IpAddress` UInt32	—

Event ID 66 — Property: Component ComponentId, Type = IpAddress.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Property: Component ComponentId, Type = IpAddress.

Message #

Property: Component %1, %2 = %3

Fields #

Name	Description
`ComponentId` UInt16	—
`Type` UInt16	—
`IpAddress` Binary	—

Event ID 70 — Property: Component ComponentId, Type = Value.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Property: Component ComponentId, Type = Value.

Message #

Property: Component %1, %2 = %4

Fields #

Name	Description
`ComponentId` UInt16	—
`Type` UInt16	—
`Size` UInt32	—
`Value` Binary	—

Event ID 73 — Property: Component ComponentId, Type = Value.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Property: Component ComponentId, Type = Value.

Message #

Property: Component %1, %2 = %3

Fields #

Name	Description
`ComponentId` UInt16	—
`Type` UInt16	—
`Value` UnicodeString	—

Event ID 75 — Property: Component ComponentId, Type = EtherType.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Property: Component ComponentId, Type = EtherType.

Message #

Property: Component %1, %2 = %3

Fields #

Name	Description
`ComponentId` UInt16	—
`Type` UInt16	—
`EtherType` UInt16	—

Event ID 80 — Drop Counters: Component ComponentId, Direction In = DirTagIn, Packets In PacketsIn, Bytes In BytesIn, Direction Out = DirTagOut, Packets Out PacketsOut, Bytes Out BytesOut.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Drop Counters: Component ComponentId, Direction In = DirTagIn, Packets In PacketsIn, Bytes In BytesIn, Direction Out = DirTagOut, Packets Out PacketsOut, Bytes Out BytesOut.

Message #

Drop Counters: Component %1, Direction In = %2, Packets In %3, Bytes In %4, Direction Out = %5, Packets Out %6, Bytes Out %7

Fields #

Name	Description
`ComponentId` UInt16	—
`DirTagIn` UInt16	—
`PacketsIn` UInt64	—
`BytesIn` UInt64	—
`DirTagOut` UInt16	—
`PacketsOut` UInt64	—
`BytesOut` UInt64	—

Event ID 90 — Flow Counters: Component ComponentId, Edge EdgeName, Edge Id EdgeId, Direction In = DirTagIn, Packets In PacketsIn, Bytes In BytesIn, Direction Out = DirTagOut, Packets Out PacketsOut, Bytes Out By...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Flow Counters: Component ComponentId, Edge EdgeName, Edge Id EdgeId, Direction In = DirTagIn, Packets In PacketsIn, Bytes In BytesIn, Direction Out = DirTagOut, Packets Out PacketsOut, Bytes Out BytesOut.

Message #

Flow Counters: Component %1, Edge %2, Edge Id %3, Direction In = %4, Packets In %5, Bytes In %6, Direction Out = %7, Packets Out %8, Bytes Out %9

Fields #

Name	Description
`ComponentId` UInt16	—
`EdgeName` UnicodeString	—
`EdgeId` UInt16	—
`DirTagIn` UInt16	—
`PacketsIn` UInt64	—
`BytesIn` UInt64	—
`DirTagOut` UInt16	—
`PacketsOut` UInt64	—
`BytesOut` UInt64	—

Event ID 100 — Packet Filter FilterId, Name FilterName, MAC-1 MacAddress1, MAC-2 MacAddress2, EtherType EtherType, VlanId VlanId, IP-1 IpAddress1, IP-2 IpAddress2, Protocol Protocol, Port-1 Port1, Port-2 Port2, T...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Packet Filter FilterId, Name FilterName, MAC-1 MacAddress1, MAC-2 MacAddress2, EtherType EtherType, VlanId VlanId, IP-1 IpAddress1, IP-2 IpAddress2, Protocol Protocol, Port-1 Port1, Port-2 Port2, TCPFlags TCPFlags.

Message #

Packet Filter %1, Name %2, MAC-1 %3, MAC-2 %4, EtherType %5, VlanId %6, IP-1 %7, IP-2 %8, Protocol %9, Port-1 %10, Port-2 %11, TCPFlags %12

Fields #

Name	Description
`FilterId` UInt16	—
`FilterName` UnicodeString	—
`MacAddress1` Binary	—
`MacAddress2` Binary	—
`EtherType` UInt16	—
`VlanId` UInt16	—
`IpAddress1` UInt32	—
`IpAddress2` UInt32	—
`Protocol` UInt8	— Known values `0` HOPOPT `1` ICMP `2` IGMP `6` TCP `17` UDP `41` IPv6 `43` IPv6-Route `44` IPv6-Frag `47` GRE `50` ESP `51` AH `58` ICMPv6 `89` OSPF `103` PIM `132` SCTP
`Port1` UInt16	—
`Port2` UInt16	—
`TCPFlags` UInt8	—

Event ID 110 — Packet Filter FilterId, Name FilterName, MAC-1 MacAddress1, MAC-2 MacAddress2, EtherType EtherType, VlanId VlanId, IP-1 IpAddress1, IP-2 IpAddress2, Protocol Protocol, Port-1 Port1, Port-2 Port2, T...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Message #

Packet Filter %1, Name %2, MAC-1 %3, MAC-2 %4, EtherType %5, VlanId %6, IP-1 %7, IP-2 %8, Protocol %9, Port-1 %10, Port-2 %11, TCPFlags %12

Fields #

Name	Description
`FilterId` UInt16	—
`FilterName` UnicodeString	—
`MacAddress1` Binary	—
`MacAddress2` Binary	—
`EtherType` UInt16	—
`VlanId` UInt16	—
`IpAddress1` Binary	—
`IpAddress2` Binary	—
`Protocol` UInt8	— Known values `0` HOPOPT `1` ICMP `2` IGMP `6` TCP `17` UDP `41` IPv6 `43` IPv6-Route `44` IPv6-Frag `47` GRE `50` ESP `51` AH `58` ICMPv6 `89` OSPF `103` PIM `132` SCTP
`Port1` UInt16	—
`Port2` UInt16	—
`TCPFlags` UInt8	—

Event ID 120 — MAC Dest DestinationMAC, MAC Src SourceMAC, EtherType EtherType, VlanId VlanId, IP Dest DestinationIP, IP Src SourceIP, Protocol Protocol, Port Dest DestinationPort, Port Src SourcePort, TCPFlags T...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

MAC Dest , MAC Src , EtherType , VlanId , IP Dest , IP Src , Protocol , Port Dest , Port Src , TCPFlags , PktGroupId , PktCount , Appearance , Direction , Type , Component , Edge , Filter.

Message #

MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11, PktCount %12, Appearance %13, Direction %14, Type %15, Component %16, Edge %17, Filter %18

Fields #

Name	Description
`DestinationMAC` Binary	—
`SourceMAC` Binary	—
`EtherType` UInt16	—
`VlanId` UInt16	—
`DestinationIP` UInt32	—
`SourceIP` UInt32	—
`Protocol` UInt8	— Known values `0` HOPOPT `1` ICMP `2` IGMP `6` TCP `17` UDP `41` IPv6 `43` IPv6-Route `44` IPv6-Frag `47` GRE `50` ESP `51` AH `58` ICMPv6 `89` OSPF `103` PIM `132` SCTP
`DestinationPort` UInt16	—
`SourcePort` UInt16	—
`TCPFlags` UInt8	—
`PktGroupId` UInt64	—
`PktCount` UInt16	—
`AppearanceCount` UInt16	—
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—

Event ID 130 — MAC Dest DestinationMAC, MAC Src SourceMAC, EtherType EtherType, VlanId VlanId, IP Dest DestinationIP, IP Src SourceIP, Protocol Protocol, Port Dest DestinationPort, Port Src SourcePort, TCPFlags T...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

MAC Dest , MAC Src , EtherType , VlanId , IP Dest , IP Src , Protocol , Port Dest , Port Src , TCPFlags , PktGroupId , PktCount , Appearance , Direction , Type , Component , Edge , Filter.

Message #

MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11, PktCount %12, Appearance %13, Direction %14, Type %15, Component %16, Edge %17, Filter %18

Fields #

Name	Description
`DestinationMAC` Binary	—
`SourceMAC` Binary	—
`EtherType` UInt16	—
`VlanId` UInt16	—
`DestinationIP` Binary	—
`SourceIP` Binary	—
`Protocol` UInt8	— Known values `0` HOPOPT `1` ICMP `2` IGMP `6` TCP `17` UDP `41` IPv6 `43` IPv6-Route `44` IPv6-Frag `47` GRE `50` ESP `51` AH `58` ICMPv6 `89` OSPF `103` PIM `132` SCTP
`DestinationPort` UInt16	—
`SourcePort` UInt16	—
`TCPFlags` UInt8	—
`PktGroupId` UInt64	—
`PktCount` UInt16	—
`AppearanceCount` UInt16	—
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—

Event ID 140 — Drop: MAC Dest DestinationMAC, MAC Src SourceMAC, EtherType EtherType, VlanId VlanId, IP Dest DestinationIP, IP Src SourceIP, Protocol Protocol, Port Dest DestinationPort, Port Src SourcePort, TCPF...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message #

Drop: MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11, PktCount %12, Appearance %13, Direction %14, Type %15, Component %16, Edge %17, Filter %18, DropReason %19, DropLocation %20

Fields #

Name	Description
`DestinationMAC` Binary	—
`SourceMAC` Binary	—
`EtherType` UInt16	—
`VlanId` UInt16	—
`DestinationIP` UInt32	—
`SourceIP` UInt32	—
`Protocol` UInt8	— Known values `0` HOPOPT `1` ICMP `2` IGMP `6` TCP `17` UDP `41` IPv6 `43` IPv6-Route `44` IPv6-Frag `47` GRE `50` ESP `51` AH `58` ICMPv6 `89` OSPF `103` PIM `132` SCTP
`DestinationPort` UInt16	—
`SourcePort` UInt16	—
`TCPFlags` UInt8	—
`PktGroupId` UInt64	—
`PktCount` UInt16	—
`AppearanceCount` UInt16	—
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—

Event ID 150 — Drop: MAC Dest DestinationMAC, MAC Src SourceMAC, EtherType EtherType, VlanId VlanId, IP Dest DestinationIP, IP Src SourceIP, Protocol Protocol, Port Dest DestinationPort, Port Src SourcePort, TCPF...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message #

Drop: MAC Dest %1, MAC Src %2, EtherType %3, VlanId %4, IP Dest %5, IP Src %6, Protocol %7, Port Dest %8, Port Src %9, TCPFlags %10, PktGroupId %11, PktCount %12, Appearance %13, Direction %14, Type %15, Component %16, Edge %17, Filter %18, DropReason %19, DropLocation %20

Fields #

Name	Description
`DestinationMAC` Binary	—
`SourceMAC` Binary	—
`EtherType` UInt16	—
`VlanId` UInt16	—
`DestinationIP` Binary	—
`SourceIP` Binary	—
`Protocol` UInt8	— Known values `0` HOPOPT `1` ICMP `2` IGMP `6` TCP `17` UDP `41` IPv6 `43` IPv6-Route `44` IPv6-Frag `47` GRE `50` ESP `51` AH `58` ICMPv6 `89` OSPF `103` PIM `132` SCTP
`DestinationPort` UInt16	—
`SourcePort` UInt16	—
`TCPFlags` UInt8	—
`PktGroupId` UInt64	—
`PktCount` UInt16	—
`AppearanceCount` UInt16	—
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—

Event ID 160 — PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, Filter FilterId, OriginalSize OriginalPayloadSize, Log...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, Filter FilterId, OriginalSize OriginalPayloadSize, LoggedSize LoggedPayloadSize.

Message #

PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, Filter %8, OriginalSize %11, LoggedSize %12

Fields #

Name	Description
`PktGroupId` UInt64	—
`PktNumber` UInt16	—
`AppearanceCount` UInt16	—
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—
`OriginalPayloadSize` UInt16	—
`LoggedPayloadSize` UInt16	—
`Payload` Binary	—

Event ID 170 — Drop: PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, Direction DirTag, Type PacketType, Component ComponentId, Filter FilterId, DropReason DropReason, DropLocation DropLoca...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Drop: PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, Direction DirTag, Type PacketType, Component ComponentId, Filter FilterId, DropReason DropReason, DropLocation DropLocation, OriginalSize OriginalPayloadSize, LoggedSize LoggedPayloadSize.

Message #

Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Filter %8, DropReason %9, DropLocation %10, OriginalSize %11, LoggedSize %12

Fields #

Name	Description
`PktGroupId` UInt64	—
`PktNumber` UInt16	—
`AppearanceCount` UInt16	—
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—
`OriginalPayloadSize` UInt16	—
`LoggedPayloadSize` UInt16	—
`Payload` Binary	—

Event ID 180 — TcpIpChecksum TcpIpChecksum, TcpLargeSend TcpLargeSend, Ieee8021Q Ieee8021Q, HashInfo HashInfo, HashValue HashValue, VirtualSubnetInfo VirtualSubnetInfo, TcpRecvSegCoalesceInfo TcpRecvSegCoalesceIn...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message #

TcpIpChecksum %11, TcpLargeSend %12, Ieee8021Q %13, HashInfo %14, HashValue %15, VirtualSubnetInfo %16, TcpRecvSegCoalesceInfo %17, NrtNameResolutionId %18, TcpSendOffloadsSupplementalInfo %19, SwitchForwardingDetail %20, GftOffloadInfo %21, GftFlowEntryId %22, PktGroupId %1, PktCount %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, Filter %8

Fields #

Name	Description
`PktGroupId` UInt64	—
`PktCount` UInt16	—
`AppearanceCount` UInt16	—
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—
`TcpIpChecksum` Pointer	—
`TcpLargeSend` Pointer	—
`Ieee8021Q` Pointer	—
`HashInfo` Pointer	—
`HashValue` Pointer	—
`VirtualSubnetInfo` Pointer	—
`TcpRecvSegCoalesceInfo` Pointer	—
`NrtNameResolutionId` Pointer	—
`TcpSendOffloadsSupplementalInfo` Pointer	—
`SwitchForwardingDetail` UInt64	—
`GftOffloadInfo` UInt64	—
`GftFlowEntryId` UInt64	—

Event ID 190 — Drop: TcpIpChecksum TcpIpChecksum, TcpLargeSend TcpLargeSend, Ieee8021Q Ieee8021Q, HashInfo HashInfo, HashValue HashValue, VirtualSubnetInfo VirtualSubnetInfo, TcpRecvSegCoalesceInfo TcpRecvSegCoal...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Message #

Drop: TcpIpChecksum %11, TcpLargeSend %12, Ieee8021Q %13, HashInfo %14, HashValue %15, VirtualSubnetInfo %16, TcpRecvSegCoalesceInfo %17, NrtNameResolutionId %18, TcpSendOffloadsSupplementalInfo %19, SwitchForwardingDetail %20, GftOffloadInfo %21, GftFlowEntryId %22, PktGroupId %1, PktCount %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, Filter %8, DropReason %9, DropLocation %10

Fields #

Name	Description
`PktGroupId` UInt64	—
`PktCount` UInt16	—
`AppearanceCount` UInt16	—
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—
`TcpIpChecksum` Pointer	—
`TcpLargeSend` Pointer	—
`Ieee8021Q` Pointer	—
`HashInfo` Pointer	—
`HashValue` Pointer	—
`VirtualSubnetInfo` Pointer	—
`TcpRecvSegCoalesceInfo` Pointer	—
`NrtNameResolutionId` Pointer	—
`TcpSendOffloadsSupplementalInfo` Pointer	—
`SwitchForwardingDetail` UInt64	—
`GftOffloadInfo` UInt64	—
`GftFlowEntryId` UInt64	—

Event ID 200 — Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, Filter FilterId, OriginalSize OriginalPayloadSize, LoggedSize LoggedPayloadSize.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, Filter FilterId, OriginalSize OriginalPayloadSize, LoggedSize LoggedPayloadSize.

Message #

Direction %1, Type %2, Component %3, Edge %4, Filter %5, OriginalSize %13, LoggedSize %14

Fields #

Name	Description
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—
`DestinationIP` UInt32	—
`SourceIP` UInt32	—
`Protocol` UInt8	— Known values `0` HOPOPT `1` ICMP `2` IGMP `6` TCP `17` UDP `41` IPv6 `43` IPv6-Route `44` IPv6-Frag `47` GRE `50` ESP `51` AH `58` ICMPv6 `89` OSPF `103` PIM `132` SCTP
`DestinationPort` UInt16	—
`SourcePort` UInt16	—
`OriginalPayloadSize` UInt16	—
`LoggedPayloadSize` UInt16	—
`Payload` Binary	—

Event ID 210 — Drop: Direction DirTag, Type PacketType, Component ComponentId, Filter FilterId, DropReason DropReason, DropLocation DropLocation, OriginalSize OriginalPayloadSize, LoggedSize LoggedPayloadSize.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Drop: Direction DirTag, Type PacketType, Component ComponentId, Filter FilterId, DropReason DropReason, DropLocation DropLocation, OriginalSize OriginalPayloadSize, LoggedSize LoggedPayloadSize.

Message #

Drop: Direction %1, Type %2, Component %3, Filter %5, DropReason %6, DropLocation %7, OriginalSize %13, LoggedSize %14

Fields #

Name	Description
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—
`DestinationIP` UInt32	—
`SourceIP` UInt32	—
`Protocol` UInt8	— Known values `0` HOPOPT `1` ICMP `2` IGMP `6` TCP `17` UDP `41` IPv6 `43` IPv6-Route `44` IPv6-Frag `47` GRE `50` ESP `51` AH `58` ICMPv6 `89` OSPF `103` PIM `132` SCTP
`DestinationPort` UInt16	—
`SourcePort` UInt16	—
`OriginalPayloadSize` UInt16	—
`LoggedPayloadSize` UInt16	—
`Payload` Binary	—

Event ID 220 — Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, Filter FilterId, OriginalSize OriginalPayloadSize, LoggedSize LoggedPayloadSize.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, Filter FilterId, OriginalSize OriginalPayloadSize, LoggedSize LoggedPayloadSize.

Message #

Direction %1, Type %2, Component %3, Edge %4, Filter %5, OriginalSize %13, LoggedSize %14

Fields #

Name	Description
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—
`DestinationIP` Binary	—
`SourceIP` Binary	—
`Protocol` UInt8	— Known values `0` HOPOPT `1` ICMP `2` IGMP `6` TCP `17` UDP `41` IPv6 `43` IPv6-Route `44` IPv6-Frag `47` GRE `50` ESP `51` AH `58` ICMPv6 `89` OSPF `103` PIM `132` SCTP
`DestinationPort` UInt16	—
`SourcePort` UInt16	—
`OriginalPayloadSize` UInt16	—
`LoggedPayloadSize` UInt16	—
`Payload` Binary	—

Event ID 230 — Drop: Direction DirTag, Type PacketType, Component ComponentId, Filter FilterId, DropReason DropReason, DropLocation DropLocation, OriginalSize OriginalPayloadSize, LoggedSize LoggedPayloadSize.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Drop: Direction DirTag, Type PacketType, Component ComponentId, Filter FilterId, DropReason DropReason, DropLocation DropLocation, OriginalSize OriginalPayloadSize, LoggedSize LoggedPayloadSize.

Message #

Drop: Direction %1, Type %2, Component %3, Filter %5, DropReason %6, DropLocation %7, OriginalSize %13, LoggedSize %14

Fields #

Name	Description
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—
`DestinationIP` Binary	—
`SourceIP` Binary	—
`Protocol` UInt8	— Known values `0` HOPOPT `1` ICMP `2` IGMP `6` TCP `17` UDP `41` IPv6 `43` IPv6-Route `44` IPv6-Frag `47` GRE `50` ESP `51` AH `58` ICMPv6 `89` OSPF `103` PIM `132` SCTP
`DestinationPort` UInt16	—
`SourcePort` UInt16	—
`OriginalPayloadSize` UInt16	—
`LoggedPayloadSize` UInt16	—
`Payload` Binary	—

Event ID 240 — Duplicate Drop: PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, Direction DirTag, Type PacketType, Component ComponentId, Filter FilterId, DropReason DropReason, DropLocatio...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Duplicate Drop: PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, Direction DirTag, Type PacketType, Component ComponentId, Filter FilterId, DropReason DropReason, DropLocation DropLocation, OriginalSize OriginalPayloadSize, LoggedSize LoggedPayloadSize.

Message #

Duplicate Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Filter %8, DropReason %9, DropLocation %10, OriginalSize %11, LoggedSize %12

Fields #

Name	Description
`PktGroupId` UInt64	—
`PktNumber` UInt16	—
`AppearanceCount` UInt16	—
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—
`OriginalPayloadSize` UInt16	—
`LoggedPayloadSize` UInt16	—
`Payload` Binary	—

Event ID 250 — PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, Type PktContext.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, Type PktContext.

Message #

PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, %11 %12

Fields #

Name	Description
`PktGroupId` UInt64	—
`PktNumber` UInt16	—
`AppearanceCount` UInt16	—
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—
`Type` UInt16	—
`PktContext` UInt64	—

Event ID 260 — Drop: PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, DropReason DropReason, DropLocation DropLocation...

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Drop: PktGroupId PktGroupId, PktNumber PktNumber, Appearance AppearanceCount, Direction DirTag, Type PacketType, Component ComponentId, Edge EdgeId, DropReason DropReason, DropLocation DropLocation, Type PktContext.

Message #

Drop: PktGroupId %1, PktNumber %2, Appearance %3, Direction %4, Type %5, Component %6, Edge %7, DropReason %9, DropLocation %10, %11 %12

Fields #

Name	Description
`PktGroupId` UInt64	—
`PktNumber` UInt16	—
`AppearanceCount` UInt16	—
`DirTag` UInt16	—
`PacketType` UInt16	—
`ComponentId` UInt16	—
`EdgeId` UInt16	—
`FilterId` UInt16	—
`DropReason` UInt32	—
`DropLocation` UInt32	—
`Type` UInt16	—
`PktContext` UInt64	—

Event ID 270 — Component added: Id Id, Type Type, Name Name, Description.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Component added: Id Id, Type Type, Name Name, Description.

Message #

Component added: Id %1, Type %2, Name %3, %4

Fields #

Name	Description
`Id` UInt16	—
`Type` UInt16	—
`Name` UnicodeString	—
`Description` UnicodeString	—

Event ID 280 — Component removed: Id Id, Type Type, Name Name, Description.

Provider: Microsoft-Windows-PktMon
Channel: Operational

Description

Component removed: Id Id, Type Type, Name Name, Description.

Message #

Component removed: Id %1, Type %2, Name %3, %4

Fields #

Name	Description
`Id` UInt16	—
`Type` UInt16	—
`Name` UnicodeString	—
`Description` UnicodeString	—