Event Details
Operating System->Microsoft Windows->Application logs->PowerShellCore/Operational->EventID 4100 - Executing Pipeline
EventID 4100 - Executing Pipeline
 Sample:
%3%n%nContext:%n%1%n%nUser Data:%n%2%n

Error Message = Execution of {Invoke-Expression $command} failed with exit code 87
Fully Qualified Error ID = Execution of {Invoke-Expression $command} failed with exit code 87


Context:
        Severity = Warning
        Host Name = ConsoleHost
        Host Version = 5.1.14393.2189
        Host ID = 3469d51d-e2e8-4886-9185-6e126375984f
        Host Application = C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
        Engine Version = 5.1.14393.2189
        Runspace ID = 2b769198-374d-4b5f-9150-5d05e98cd645
        Pipeline ID = 50
        Command Name = 
        Command Type = 
        Script Name = C:\Program Files\PowerShell\6.0.2\RegisterManifest.ps1
        Command Path = 
        Sequence Number = 15
        User = ITSS\igor.ilyin
        Connected User = 
        Shell ID = Microsoft.PowerShell


User Data:
Log Type: Windows Event Log
 Uniquely Identified By:
Log Name: PowerShellCore/Operational
Filtering Field Equals to Value
EventId 4100
Field Matching
FieldDescriptionStored inSample Value
DateTime Date/Time of event origination in GMT format. DateTime 10.10.2000 19:00:00
Source Name of an Application or System Service originating the event. Source Security
Type Warning, Information, Error, Success, Failure, etc. Type Success
User Domain\Account name of user/service/computer initiating event. User RESEARCH\Alebovsky
Computer Name of server workstation where event was logged. Computer DC1
EventID Numerical ID of event. Unique within one Event Source. EventId 576
Description The entire unparsed event message. Description Special privileges assigned to new logon.
Log Name The name of the event log (e.g. Application, Security, System, etc.) LogName Security
Payload InsertionString3
Context InsertionString1
User Data InsertionString2
Comments
You must be logged in to comment