Event ID 2002 — Product Name engine version has been updated.
Description
Product Name engine version has been updated.
Message #
Fields #
| Name | Description |
|---|---|
Product Name UnicodeString | — |
Product Version UnicodeString | — |
Current Engine Version UnicodeString | — |
Previous Engine Version UnicodeString | — |
Unused UnicodeString | — |
Unused2 UnicodeString | — |
Unused3 UnicodeString | — |
Domain UnicodeString | — |
User UnicodeString | — |
SID UnicodeString | — |
Unused4 UnicodeString | — |
Unused5 UnicodeString | — |
Feature Index UnicodeString | — |
Feature Name UnicodeString | — |
Example Event #
{
"system": {
"provider": "Microsoft-Windows-Windows Defender",
"guid": "11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78",
"event_source_name": "",
"event_id": 2002,
"version": 0,
"level": 4,
"task": 0,
"opcode": 0,
"keywords": 9223372036854775808,
"time_created": "2023-10-25T21:44:41.062981+00:00",
"event_record_id": 36,
"correlation": {},
"execution": {
"process_id": 2976,
"thread_id": 4276
},
"channel": "Microsoft-Windows-Windows Defender/Operational",
"computer": "WinDevEval",
"security": {
"user_id": "S-1-5-18"
}
},
"event_data": {
"Product Name": "Microsoft Defender Antivirus",
"Product Version": "4.18.2201.11",
"Current Engine Version": "1.1.23090.2007",
"Previous Engine Version": "1.1.17300.4",
"Unused": "",
"Unused2": "",
"Unused3": "",
"Domain": "NT AUTHORITY",
"User": "SYSTEM",
"SID": "S-1-5-18",
"Unused4": "",
"Unused5": "",
"Feature Index": "0",
"Feature Name": "Antimalware"
},
"message": ""
}