Microsoft-Windows-URLMon

8 events across 1 channel

Event ID	Title	Channel
801		Analytic
802		Analytic
803		Analytic
804		Analytic
805		Analytic
806		Analytic
807		Analytic
808		Analytic

Event ID 801 —

Provider: Microsoft-Windows-URLMon
Channel: Analytic
Task: URLMON_Queue_Msg

Fields #

Name	Description
`Msg` UInt32	—
`URL` UnicodeString	—

Event ID 802 —

Provider: Microsoft-Windows-URLMon
Channel: Analytic
Task: URLMON_Process_Queued_Msg

Fields #

Name	Description
`Msg` UInt32	—
`URL` UnicodeString	—

Event ID 803 —

Provider: Microsoft-Windows-URLMon
Channel: Analytic
Task: URLMON_CINet_Read

Fields #

Name	Description
`Msg` UInt32	—
`URL` UnicodeString	—
`Bytes` UInt32	—

Event ID 804 —

Provider: Microsoft-Windows-URLMon
Channel: Analytic
Task: URLMON_CINet_Read

Fields #

Name	Description
`Bytes` UInt32	—
`URL` UnicodeString	—

Event ID 805 —

Provider: Microsoft-Windows-URLMon
Channel: Analytic
Task: URLMON_CInet_Start

Fields #

Name	Description
`Flags` UInt32	—
`URL` UnicodeString	—

Event ID 806 —

Provider: Microsoft-Windows-URLMon
Channel: Analytic
Task: URLMON_CINet_Abort

Fields #

Name	Description
`Reason` UInt32	—
`URL` UnicodeString	—

Event ID 807 —

Provider: Microsoft-Windows-URLMon
Channel: Analytic
Task: URLMON_CINet_Binding

Fields #

Name	Description
`CInet` Pointer	—
`Binding` Pointer	—

Event ID 808 —

Provider: Microsoft-Windows-URLMon
Channel: Analytic
Task: URLMON_CINet_Write

Fields #

Name	Description
`Operation` UInt32	— Known values `%%2456` Open key file. `%%2457` Delete key file. `%%2458` Read persisted key from file. `%%2459` Write persisted key to file. `%%2464` Export of persistent cryptographic key. `%%2465` Import of persistent cryptographic key. `%%2480` Open Key. `%%2481` Create Key. `%%2482` Delete Key. `%%2483` Encrypt. `%%2484` Decrypt. `%%2485` Sign hash. `%%2486` Secret agreement. `%%2487` Domain settings. `%%2488` Local settings. `%%2489` Add provider. `%%2490` Remove provider. `%%2491` Add context. `%%2492` Remove context. `%%2493` Add function. `%%2494` Remove function. `%%2495` Add function provider. `%%2496` Remove function provider. `%%2497` Add function property. `%%2498` Remove function property. `%%2499` Machine key. `%%2500` User key. `%%2501` Key Derivation. `%%2502` Claim Creation. `%%2503` Claim Verification.
`Bytes` UInt32	—
`URL` UnicodeString	—
`CInet` Pointer	—