Microsoft-Windows-ZTDNS
8 events across 3 channels
| Event ID | Title | Channel |
|---|---|---|
| 1 | PERMIT - Connection [. | PermittedConnections |
| 2 | BLOCK - Connection [. | BlockedConnections |
| 3 | UPDATE - Trusted servers by process (%1) %2. | Operational |
| 4 | REMOVE - %1%2 by process (%3) %4. | Operational |
| 5 | ADD - %1%2 by process (%3) %4. | Operational |
| 6 | UPDATE - State to %1 by process (%2) %3. | Operational |
| 7 | START - ZTDNS service with status %1. | Operational |
| 8 | STOP - ZTDNS service with status %1. | Operational |
Event ID 1 — PERMIT - Connection [.
Message
Fields
| Name | Description |
|---|---|
LocalAddressLength | — |
LocalAddress | — |
LocalPort | — |
RemoteAddressLength | — |
RemoteAddress | — |
RemotePort | — |
Protocol | — |
ProcessId | — |
ProcessPath | — |
PermitType | — |
PermitInfo | — |
ServiceName | — |
Event ID 2 — BLOCK - Connection [.
Message
Fields
| Name | Description |
|---|---|
LocalAddressLength | — |
LocalAddress | — |
LocalPort | — |
RemoteAddressLength | — |
RemoteAddress | — |
RemotePort | — |
Protocol | — |
ProcessId | — |
ProcessPath | — |
ServiceName | — |
Event ID 3 — UPDATE - Trusted servers by process (%1) %2.
Message
Fields
| Name | Description |
|---|---|
ProcessId | — |
ProcessPath | — |
Event ID 4 — REMOVE - %1%2 by process (%3) %4.
Message
Fields
| Name | Description |
|---|---|
ExceptionsUpdateType | — |
ExceptionName | — |
ProcessId | — |
ProcessPath | — |
Event ID 5 — ADD - %1%2 by process (%3) %4.
Message
Fields
| Name | Description |
|---|---|
ExceptionsUpdateType | — |
ExceptionName | — |
ProcessId | — |
ProcessPath | — |
Event ID 6 — UPDATE - State to %1 by process (%2) %3.
Message
Fields
| Name | Description |
|---|---|
ServiceState | — |
ProcessId | — |
ProcessPath | — |
Event ID 7 — START - ZTDNS service with status %1.
Message
Fields
| Name | Description |
|---|---|
Status | — |
Event ID 8 — STOP - ZTDNS service with status %1.
Message
Fields
| Name | Description |
|---|---|
Status | — |