Display Filter Reference: Event Logger
Protocol field name: eventlog
Versions: 1.0.0 to 3.4.5
Back to Display Filter Reference
| Field name | Description | Type | Versions |
|---|---|---|---|
| eventlog.eventlog_BackupEventLogW.backupfilename | Backupfilename | Character string | 1.0.0 to 3.4.5 |
| eventlog.eventlog_BackupEventLogW.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ChangeNotify.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ChangeNotify.unknown2 | Unknown2 | Label | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ChangeNotify.unknown3 | Unknown3 | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ChangeUnknown0.unknown0 | Unknown0 | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ChangeUnknown0.unknown1 | Unknown1 | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ClearEventLogW.backupfilename | Backupfilename | Character string | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ClearEventLogW.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_CloseEventLog.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_DeregisterEventSource.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_FlushEventLog.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_GetLogIntormation.cbBufSize | CbBufSize | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_GetLogIntormation.cbBytesNeeded | CbBytesNeeded | Signed integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_GetLogIntormation.dwInfoLevel | DwInfoLevel | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_GetLogIntormation.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_GetLogIntormation.lpBuffer | LpBuffer | Unsigned integer, 1 byte | 1.0.0 to 3.4.5 |
| eventlog.eventlog_GetNumRecords.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_GetNumRecords.number | Number | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_GetOldestRecord.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_GetOldestRecord.oldest | Oldest | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_OpenBackupEventLogW.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_OpenBackupEventLogW.logname | Logname | Character string | 1.0.0 to 3.4.5 |
| eventlog.eventlog_OpenBackupEventLogW.unknown0 | Unknown0 | Label | 1.0.0 to 3.4.5 |
| eventlog.eventlog_OpenBackupEventLogW.unknown2 | Unknown2 | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_OpenBackupEventLogW.unknown3 | Unknown3 | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_OpenEventLogW.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_OpenEventLogW.logname | Logname | Label | 1.0.0 to 1.2.18 |
| eventlog.eventlog_OpenEventLogW.MajorVersion | MajorVersion | Unsigned integer, 4 bytes | 1.4.0 to 3.4.5 |
| eventlog.eventlog_OpenEventLogW.MinorVersion | MinorVersion | Unsigned integer, 4 bytes | 1.4.0 to 3.4.5 |
| eventlog.eventlog_OpenEventLogW.Module | Module | Character string | 1.4.0 to 3.4.5 |
| eventlog.eventlog_OpenEventLogW.RegModuleName | RegModuleName | Character string | 1.4.0 to 3.4.5 |
| eventlog.eventlog_OpenEventLogW.servername | Servername | Label | 1.0.0 to 1.2.18 |
| eventlog.eventlog_OpenEventLogW.unknown0 | Unknown0 | Label | 1.0.0 to 3.4.5 |
| eventlog.eventlog_OpenEventLogW.unknown2 | Unknown2 | Unsigned integer, 4 bytes | 1.0.0 to 1.2.18 |
| eventlog.eventlog_OpenEventLogW.unknown3 | Unknown3 | Unsigned integer, 4 bytes | 1.0.0 to 1.2.18 |
| eventlog.eventlog_OpenUnknown0.unknown0 | Unknown0 | Unsigned integer, 2 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_OpenUnknown0.unknown1 | Unknown1 | Unsigned integer, 2 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ReadEventLogW.data | Data | Unsigned integer, 1 byte | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ReadEventLogW.flags | Flags | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ReadEventLogW.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ReadEventLogW.number_of_bytes | Number Of Bytes | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ReadEventLogW.offset | Offset | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ReadEventLogW.real_size | Real Size | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ReadEventLogW.sent_size | Sent Size | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.closing_record_number | Closing Record Number | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.computer_name | Computer Name | Character string | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.data_length | Data Length | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.data_offset | Data Offset | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.event_category | Event Category | Unsigned integer, 2 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.event_id | Event Id | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.event_type | Event Type | Unsigned integer, 2 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.num_of_strings | Num Of Strings | Unsigned integer, 2 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.raw_data | Raw Data | Character string | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.record_number | Record Number | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.reserved | Reserved | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.reserved_flags | Reserved Flags | Unsigned integer, 2 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.sid_length | Sid Length | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.sid_offset | Sid Offset | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.size | Size | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.source_name | Source Name | Character string | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.stringoffset | Stringoffset | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.strings | Strings | Character string | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.time_generated | Time Generated | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_Record.time_written | Time Written | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_RegisterEventSourceW.handle | Handle | Sequence of bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_RegisterEventSourceW.logname | Logname | Character string | 1.0.0 to 3.4.5 |
| eventlog.eventlog_RegisterEventSourceW.servername | Servername | Character string | 1.0.0 to 3.4.5 |
| eventlog.eventlog_RegisterEventSourceW.unknown0 | Unknown0 | Label | 1.0.0 to 3.4.5 |
| eventlog.eventlog_RegisterEventSourceW.unknown2 | Unknown2 | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_RegisterEventSourceW.unknown3 | Unknown3 | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.eventlog_ReportEventW.computer_name | Computer Name | Character string | 1.4.0 to 3.4.5 |
| eventlog.eventlog_ReportEventW.data_length | Data Length | Unsigned integer, 4 bytes | 1.4.0 to 3.4.5 |
| eventlog.eventlog_ReportEventW.event_category | Event Category | Unsigned integer, 2 bytes | 1.4.0 to 3.4.5 |
| eventlog.eventlog_ReportEventW.event_id | Event Id | Unsigned integer, 4 bytes | 1.4.0 to 3.4.5 |
| eventlog.eventlog_ReportEventW.handle | Handle | Sequence of bytes | 1.4.0 to 3.4.5 |
| eventlog.eventlog_ReportEventW.num_of_strings | Num Of Strings | Unsigned integer, 2 bytes | 1.4.0 to 3.4.5 |
| eventlog.eventlog_ReportEventW.time | Time | Unsigned integer, 4 bytes | 1.4.0 to 3.4.5 |
| eventlog.eventlog_ReportEventW.Type | Type | Unsigned integer, 4 bytes | 1.4.0 to 3.4.5 |
| eventlog.eventlogEventTypes.EVENTLOG_AUDIT_FAILURE | EVENTLOG AUDIT FAILURE | Boolean | 1.0.0 to 3.4.5 |
| eventlog.eventlogEventTypes.EVENTLOG_AUDIT_SUCCESS | EVENTLOG AUDIT SUCCESS | Boolean | 1.0.0 to 3.4.5 |
| eventlog.eventlogEventTypes.EVENTLOG_ERROR_TYPE | EVENTLOG ERROR TYPE | Boolean | 1.0.0 to 3.4.5 |
| eventlog.eventlogEventTypes.EVENTLOG_INFORMATION_TYPE | EVENTLOG INFORMATION TYPE | Boolean | 1.0.0 to 3.4.5 |
| eventlog.eventlogEventTypes.EVENTLOG_SUCCESS | Eventlog Success | Boolean | 1.0.0 to 2.2.1 |
| eventlog.eventlogEventTypes.EVENTLOG_WARNING_TYPE | EVENTLOG WARNING TYPE | Boolean | 1.0.0 to 3.4.5 |
| eventlog.eventlogReadFlags.EVENTLOG_BACKWARDS_READ | EVENTLOG BACKWARDS READ | Boolean | 1.0.0 to 3.4.5 |
| eventlog.eventlogReadFlags.EVENTLOG_FORWARDS_READ | EVENTLOG FORWARDS READ | Boolean | 1.0.0 to 3.4.5 |
| eventlog.eventlogReadFlags.EVENTLOG_SEEK_READ | EVENTLOG SEEK READ | Boolean | 1.0.0 to 3.4.5 |
| eventlog.eventlogReadFlags.EVENTLOG_SEQUENTIAL_READ | EVENTLOG SEQUENTIAL READ | Boolean | 1.0.0 to 3.4.5 |
| eventlog.opnum | Operation | Unsigned integer, 2 bytes | 1.0.0 to 3.4.5 |
| eventlog.Record | Record | Label | 1.0.0 to 3.4.5 |
| eventlog.Record.computer_name | Computer Name | Character string | 1.0.0 to 3.4.5 |
| eventlog.Record.length | Record Length | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
| eventlog.Record.source_name | Source Name | Character string | 1.0.0 to 3.4.5 |
| eventlog.Record.string | string | Character string | 1.0.0 to 3.4.5 |
| eventlog.status | NT Error | Unsigned integer, 4 bytes | 1.0.0 to 3.4.5 |
Go Beyond with Riverbed Technology
I have a lot of traffic...
ANSWER: SteelCentral™ AppResponse 11
- • Full stack analysis – from packets to pages
- • Rich performance metrics & pre-defined insights for fast problem identification/resolution
- • Modular, flexible solution for deeply-analyzing network & application performance