mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-20 12:53:38 +00:00
Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into WAreorg
This commit is contained in:
jaimeo
@ -831,9 +831,8 @@ This event represents the basic metadata about a file on the system. The file m
|
||||
|
||||
The following fields are available:
|
||||
|
||||
- **AppraiserVersion** The version of the Appraiser file generating the events.
|
||||
- **AvDisplayName** The version of the Appraiser file generating the events.
|
||||
- **AvProductState** If the app is an anti-virus app, this is its display name.
|
||||
- **AvDisplayName** If the app is an anti-virus app, this is its display name.
|
||||
- **AvProductState** Represents state of antivirus program with respect to whether it's turned on and the signatures are up-to-date.
|
||||
- **BinaryType** A binary type. Example: UNINITIALIZED, ZERO_BYTE, DATA_ONLY, DOS_MODULE, NE16_MODULE, PE32_UNKNOWN, PE32_I386, PE32_ARM, PE64_UNKNOWN, PE64_AMD64, PE64_ARM64, PE64_IA64, PE32_CLR_32, PE32_CLR_IL, PE32_CLR_IL_PREFER32, PE64_CLR_64
|
||||
- **BinFileVersion** An attempt to clean up FileVersion at the client that tries to place the version into 4 octets.
|
||||
- **BinProductVersion** An attempt to clean up ProductVersion at the client that tries to place the version into 4 octets.
|
||||
@ -841,8 +840,8 @@ The following fields are available:
|
||||
- **CompanyName** The company name of the vendor who developed this file.
|
||||
- **FileId** A hash that uniquely identifies a file.
|
||||
- **FileVersion** The File version field from the file metadata under Properties -> Details.
|
||||
- **HasUpgradeExe** Represents state of antivirus program with respect to whether it's turned on and the signatures are up-to-date.
|
||||
- **IsAv** A binary type. Example: UNINITIALIZED, ZERO_BYTE, DATA_ONLY, DOS_MODULE, NE16_MODULE, PE32_UNKNOWN, PE32_I386, PE32_ARM, PE64_UNKNOWN, PE64_AMD64, PE64_ARM64, PE64_IA64, PE32_CLR_32, PE32_CLR_IL, PE32_CLR_IL_PREFER32, PE64_CLR_64
|
||||
- **HasUpgradeExe** Does the anti-virus app have an upgrade.exe file?
|
||||
- **IsAv** Is the file an anti-virus reporting EXE?
|
||||
- **LinkDate** The date and time that this file was linked on.
|
||||
- **LowerCaseLongPath** The full file path to the file that was inventoried on the device.
|
||||
- **Name** The name of the file that was inventoried.
|
||||
@ -1653,7 +1652,7 @@ The following fields are available:
|
||||
- **KvaShadow** Microcode info of the processor.
|
||||
- **MMSettingOverride** Microcode setting of the processor.
|
||||
- **MMSettingOverrideMask** Microcode setting override of the processor.
|
||||
- **ProcessorArchitecture** Retrieves the processor architecture of the installed operating system. The complete list of values can be found in DimProcessorArchitecture.
|
||||
- **ProcessorArchitecture** Retrieves the processor architecture of the installed operating system.
|
||||
- **ProcessorClockSpeed** Retrieves the clock speed of the processor in MHz.
|
||||
- **ProcessorCores** Retrieves the number of cores in the processor.
|
||||
- **ProcessorIdentifier** The processor identifier of a manufacturer.
|
||||
@ -1662,7 +1661,7 @@ The following fields are available:
|
||||
- **ProcessorPhysicalCores** Number of physical cores in the processor.
|
||||
- **ProcessorUpdateRevision** The microcode version.
|
||||
- **SocketCount** Number of physical CPU sockets of the machine.
|
||||
- **SpeculationControl** Clock speed of the processor in MHz.
|
||||
- **SpeculationControl** If the system has enabled protections needed to validate the speculation control vulnerability.
|
||||
|
||||
|
||||
### Census.Speech
|
||||
|
||||
@ -317,8 +317,8 @@ This event represents the basic metadata about a file on the system. The file m
|
||||
The following fields are available:
|
||||
|
||||
- **AppraiserVersion** The version of the Appraiser file generating the events.
|
||||
- **AvDisplayName** The version of the Appraiser file generating the events.
|
||||
- **AvProductState** If the app is an anti-virus app, this is its display name.
|
||||
- **AvDisplayName** If the app is an anti-virus app, this is its display name.
|
||||
- **AvProductState** Represents state of antivirus program with respect to whether it's turned on and the signatures are up-to-date.
|
||||
- **BinaryType** A binary type. Example: UNINITIALIZED, ZERO_BYTE, DATA_ONLY, DOS_MODULE, NE16_MODULE, PE32_UNKNOWN, PE32_I386, PE32_ARM, PE64_UNKNOWN, PE64_AMD64, PE64_ARM64, PE64_IA64, PE32_CLR_32, PE32_CLR_IL, PE32_CLR_IL_PREFER32, PE64_CLR_64
|
||||
- **BinFileVersion** An attempt to clean up FileVersion at the client that tries to place the version into 4 octets.
|
||||
- **BinProductVersion** An attempt to clean up ProductVersion at the client that tries to place the version into 4 octets.
|
||||
@ -326,8 +326,8 @@ The following fields are available:
|
||||
- **CompanyName** The company name of the vendor who developed this file.
|
||||
- **FileId** A hash that uniquely identifies a file.
|
||||
- **FileVersion** The File version field from the file metadata under Properties -> Details.
|
||||
- **HasUpgradeExe** Represents state of antivirus program with respect to whether it's turned on and the signatures are up-to-date.
|
||||
- **IsAv** A binary type. Example: UNINITIALIZED, ZERO_BYTE, DATA_ONLY, DOS_MODULE, NE16_MODULE, PE32_UNKNOWN, PE32_I386, PE32_ARM, PE64_UNKNOWN, PE64_AMD64, PE64_ARM64, PE64_IA64, PE32_CLR_32, PE32_CLR_IL, PE32_CLR_IL_PREFER32, PE64_CLR_64
|
||||
- **HasUpgradeExe** Does the anti-virus app have an upgrade.exe file?
|
||||
- **IsAv** Is the file an anti-virus reporting EXE?
|
||||
- **LinkDate** The date and time that this file was linked on.
|
||||
- **LowerCaseLongPath** The full file path to the file that was inventoried on the device.
|
||||
- **Name** The name of the file that was inventoried.
|
||||
@ -1617,7 +1617,7 @@ The following fields are available:
|
||||
- **KvaShadow** Microcode info of the processor.
|
||||
- **MMSettingOverride** Microcode setting of the processor.
|
||||
- **MMSettingOverrideMask** Microcode setting override of the processor.
|
||||
- **ProcessorArchitecture** Retrieves the processor architecture of the installed operating system. The complete list of values can be found in DimProcessorArchitecture.
|
||||
- **ProcessorArchitecture** Retrieves the processor architecture of the installed operating system.
|
||||
- **ProcessorClockSpeed** Retrieves the clock speed of the processor in MHz.
|
||||
- **ProcessorCores** Retrieves the number of cores in the processor.
|
||||
- **ProcessorIdentifier** The processor identifier of a manufacturer.
|
||||
@ -1626,7 +1626,7 @@ The following fields are available:
|
||||
- **ProcessorPhysicalCores** Number of physical cores in the processor.
|
||||
- **ProcessorUpdateRevision** The microcode version.
|
||||
- **SocketCount** Number of physical CPU sockets of the machine.
|
||||
- **SpeculationControl** Clock speed of the processor in MHz.
|
||||
- **SpeculationControl** If the system has enabled protections needed to validate the speculation control vulnerability.
|
||||
|
||||
|
||||
### Census.Security
|
||||
|
||||
Reference in New Issue
Block a user