Event ID 20

Registration of WMI consumers

Source:

Microsoft-Windows-Sysmon

Category:

WmiEventConsumer activity detected

WmiEventConsumer activity detected:
    RuleName: %1!s!
    EventType: %2!s!
    UtcTime: %3!s!
    Operation: %4!s!
    User: %5!s!
    Name: %6!s!
    Type: %7!s!
    Destination: %8!s!

This event logs the registration of WMI consumers, recording the consumer name, log, and destination.

LEFT/RIGHT arrow keys for navigation

Back to List