Event ID 2000 — Product Name security intelligence version updated.
Description
Product Name security intelligence version updated.
Message #
Fields #
| Name | Description |
|---|---|
Product Name UnicodeString | — |
Product Version UnicodeString | — |
Current security intelligence Version UnicodeString | — |
Previous security intelligence Version UnicodeString | — |
Unused UnicodeString | — |
Unused2 UnicodeString | — |
Unused3 UnicodeString | — |
Domain UnicodeString | — |
User UnicodeString | — |
SID UnicodeString | — |
Security intelligence Type Index UnicodeString | — |
Security intelligence Type UnicodeString | — |
Update Type Index UnicodeString | — |
Update Type UnicodeString | — |
Current Engine Version UnicodeString | — |
Previous Engine Version UnicodeString | — |
Example Event #
{
"system": {
"provider": "Microsoft-Windows-Windows Defender",
"guid": "11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78",
"event_source_name": "",
"event_id": 2000,
"version": 0,
"level": 4,
"task": 0,
"opcode": 0,
"keywords": 9223372036854775808,
"time_created": "2023-10-25T21:44:41.065306+00:00",
"event_record_id": 38,
"correlation": {},
"execution": {
"process_id": 2976,
"thread_id": 4276
},
"channel": "Microsoft-Windows-Windows Defender/Operational",
"computer": "WinDevEval",
"security": {
"user_id": "S-1-5-18"
}
},
"event_data": {
"Product Name": "Microsoft Defender Antivirus",
"Product Version": "4.18.2201.11",
"Current security intelligence Version": "1.399.1311.0",
"Previous security intelligence Version": "1.321.69.0",
"Unused": "",
"Unused2": "",
"Unused3": "",
"Domain": "NT AUTHORITY",
"User": "SYSTEM",
"SID": "S-1-5-18",
"Security intelligence Type Index": "2",
"Security intelligence Type": "AntiSpyware",
"Update Type Index": "1",
"Update Type": "Full",
"Current Engine Version": "1.1.23090.2007",
"Previous Engine Version": "1.1.17300.4"
},
"message": ""
}