Event log record fields

edit

Contains data from a Windows event log record.

type

type: alias

alias to: winlog.api

activity_id

type: alias

alias to: winlog.activity_id

computer_name

type: alias

alias to: winlog.computer_name

event_id

type: alias

alias to: winlog.event_id

keywords

type: alias

alias to: winlog.keywords

log_name

type: alias

alias to: winlog.channel

message_error

type: alias

alias to: error.message

record_number

type: alias

alias to: winlog.record_id

related_activity_id

type: alias

alias to: winlog.related_activity_id

opcode

type: alias

alias to: winlog.opcode

provider_guid

type: alias

alias to: winlog.provider_guid

process_id

type: alias

alias to: winlog.process.pid

source_name

type: alias

alias to: winlog.provider_name

task

type: alias

alias to: winlog.task

thread_id

type: alias

alias to: winlog.process.thread.id

user.identifier

type: alias

alias to: winlog.user.identifier

user.domain

type: alias

alias to: winlog.user.domain

user.type

type: alias

alias to: winlog.user.type

version

type: alias

alias to: winlog.version

xml

type: alias

alias to: event.original