Microsoft-Windows-Hyper-V-Compute

274 events across 4 channels

Event	Title	Channel	Sample
100	TraceData.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
100	Event ID 100	Operational	N
101	TraceData.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
101	Event ID 101	Operational	N
102	TraceData.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
102	Event ID 102	Operational	N
103	TraceData.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
103	Event ID 103	Operational	N
500	Started DM operation add memory.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
500	Started DM operation add memory	Operational	N
501	DM operation add memory completed Parameter0 pages were added, time Time s.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
501	DM operation add memory completed Parameter0 pages were added, time Time s	Operational	N
502	Started DM operation remove memory.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
502	Started DM operation remove memory	Operational	N
503	DM operation remove memory completed Parameter0 pages were removed, time Time s.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
503	DM operation remove memory completed Parameter0 pages were removed, time Time s	Operational	N
504	Started DM operation add memory (SLP).	Microsoft-Windows-Hyper-V-Compute-Analytic	N
504	Started DM operation add memory (SLP)	Operational	N
505	DM operation add memory (SLP) completed Parameter0 pages were added, time Time …	Microsoft-Windows-Hyper-V-Compute-Analytic	N
505	DM operation add memory (SLP) completed Parameter0 pages were added, time Time s	Operational	N
506	Virtual machine ID VmId : memory pressure Parameter0.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
506	Virtual machine ID VmId : memory pressure	Operational	N
507	Virtual machine ID VmId : committed memory Parameter0.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
507	Virtual machine ID VmId : committed memory	Operational	N
508	Virtual machine ID VmId : available memory Parameter0.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
508	Virtual machine ID VmId : available memory	Operational	N
509	Virtual machine ID VmId : actual total physical memory Parameter0.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
509	Virtual machine ID VmId : actual total physical memory	Operational	N
510	Virtual machine ID VmId : guest visible physical memory Parameter0.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
510	Virtual machine ID VmId : guest visible physical memory	Operational	N
511	NUMA node VmId: system average pressure: Parameter0.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
511	NUMA node VmId: system average pressure:	Operational	N
512	NUMA node VmId: system available memory: Parameter0 MB.	Microsoft-Windows-Hyper-V-Compute-Analytic	N
512	NUMA node VmId: system available memory: Parameter0 MB	Operational	N
1000	The Host Compute Service is starting.	Microsoft-Windows-Hyper-V-Compute-Operational	Y
1001	The Host Compute Service started successfully.	Microsoft-Windows-Hyper-V-Compute-Admin	Y
1001	The Host Compute Service started successfully	Operational	Y
1002	The Host Compute Service is shutting down.	Operational	N
1003	The Host Compute Service shut down successfully.	Microsoft-Windows-Hyper-V-Compute-Admin	N
1003	The Host Compute Service shut down successfully	Operational	N
2000	[VmlEventLog.SystemId] Create compute system, result VmlEventLog.Result.	Microsoft-Windows-Hyper-V-Compute-Operational	Y
2001	[VmlEventLog.SystemId] Start compute system, result VmlEventLog.Result.	Operational	Y
2002	[SystemId] Shut down compute system, result Result.	Operational	N
2003	[VmlEventLog.SystemId] Terminate compute system, result VmlEventLog.Result.	Operational	Y
2004	[VmlEventLog.SystemId] Pause compute system, options 'VmlEventLog.Parameter0', …	Operational	Y
2005	[SystemId] Resume compute system, options 'Parameter0', result Result.	Operational	N
2006	[SystemId] Get compute system properties, query 'Parameter0', result Result.	Operational	N
2007	[VmlEventLog.SystemId] Modify compute system, settings 'VmlEventLog.Parameter0', …	Operational	Y
2008	[VmlEventLog.SystemId] Query compute system notification, result …	Operational	Y
2009	[VmlEventLog.SystemId] Queue system notification: VmlEventLog.Parameter0 / …	Microsoft-Windows-Hyper-V-Compute-Operational	Y
2010	[SystemId] Create Container, type 'Parameter0', settings 'Parameter1'.	Operational	N
2011	[SystemId] Create Container VM, VM ID Parameter0, result Result.	Operational	N
2012	[SystemId] Create Container template VM, image path 'Parameter2', VP count …	Operational	N
2013	[SystemId] Using template VM 'Parameter0'.	Operational	N
2014	[VmlEventLog.SystemId] Create Virtual Machine.	Microsoft-Windows-Hyper-V-Compute-Operational	Y
2015	[SystemId] Add compute system resource, location 'Parameter0', resource …	Operational	N
2016	[SystemId] Modify compute system resource, location 'Parameter0', resource …	Operational	N
2017	[SystemId] Remove compute system, location 'Parameter0', result Result.	Operational	N
2018	[VmlEventLog.SystemId] Save compute system, options 'VmlEventLog.Parameter0', …	Operational	Y
2019	[SystemId] Crash compute system, options 'Parameter0', result Result.	Operational	N
2020	[SystemId] Cancel operation id Parameter0 result Result.	Operational	N
2021	[SystemId] Get properties of operation id Parameter0 result Result.	Operational	N
2500	[SystemId] Create process, parameters 'Parameter1', result Result, process ID …	Operational	N
2501	[SystemId] Terminate process, process ID Parameter0, result Result.	Operational	N
2502	[SystemId] Query process notification, process ID Parameter0, result Result, …	Operational	N
2503	[SystemId] Queue process notification Parameter1 / Parameter2, process ID …	Operational	N
2504	The dynamic memory balancer timer was started.	Operational	Y
2505	[SystemId] Start compute system preservation with settings 'Parameter0', result …	Operational	N
2506	[SystemId] Finalize compute system preservation with settings 'Parameter0', …	Operational	N
2507	[SystemId] Start migration of compute system with settings 'Parameter0', result …	Operational	N
2508	[SystemId] Start migration transfer of compute system with settings …	Operational	N
2509	[SystemId] Wait for compute system migration to be finalized with settings …	Operational	N
2510	[SystemId] Migrate compute system with settings 'Parameter0', result Result.	Operational	N
2511	[SystemId] Finalize compute system with settings 'Parameter0', result Result.	Operational	N
10000	The Host Compute Service failed to start: ErrorMessage (ErrorCode).	Microsoft-Windows-Hyper-V-Compute-Admin	N
10000	The Host Compute Service failed to start: ErrorMessage (ErrorCode)	Operational	N
10001	The dynamic memory balancer failed to start because the host system is not …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10001	The dynamic memory balancer failed to start because the host system is not …	Operational	N
10002	Virtual machine 'Parameter0' cannot be started on this server.	Microsoft-Windows-Hyper-V-Compute-Admin	N
10002	Virtual machine 'Parameter0' cannot be started on this server	Operational	N
10003	Virtual machine 'Parameter0' cannot be started on this server.	Microsoft-Windows-Hyper-V-Compute-Admin	N
10003	Virtual machine 'Parameter0' cannot be started on this server	Operational	N
10004	'Parameter0' failed to start worker process: Parameter2 (Parameter3).	Microsoft-Windows-Hyper-V-Compute-Admin	N
10004	'Parameter0' failed to start worker process: Parameter2 (Parameter3)	Operational	N
10005	Failed to start worker process: Parameter2 (Parameter3).	Microsoft-Windows-Hyper-V-Compute-Admin	N
10005	Failed to start worker process: Parameter2 (Parameter3)	Operational	N
10006	The virtual machine 'VmName' with RAM size Parameter0 MB failed to reset due to …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10006	The virtual machine 'VmName' with RAM size Parameter0 MB failed to reset due to …	Operational	N
10007	Failed to reset the virtual machine 'VmName' (Virtual machine ID VmId).	Microsoft-Windows-Hyper-V-Compute-Admin	N
10007	Failed to reset the virtual machine 'VmName' (Virtual machine ID VmId)	Operational	N
10008	The virtual machine 'Parameter0' with RAM size Parameter2 MB failed to start due …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10008	The virtual machine 'Parameter0' with RAM size Parameter2 MB failed to start due …	Operational	N
10009	Failed to start the virtual machine 'Parameter0' (Virtual machine ID …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10009	Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1)	Operational	N
10010	The root memory reserve key (HKLM\Software\Microsoft\Windows …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10010	The root memory reserve key (HKLM\Software\Microsoft\Windows …	Operational	N
10011	The root memory reserve key (HKLM\Software\Microsoft\Windows …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10011	The root memory reserve key (HKLM\Software\Microsoft\Windows …	Operational	N
10013	DM operation add for the virtual machine 'Parameter0' took more than Parameter2 …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10013	DM operation add for the virtual machine 'Parameter0' took more than Parameter2 …	Operational	N
10014	DM operation remove for the virtual machine 'Parameter0' took more than …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10014	DM operation remove for the virtual machine 'Parameter0' took more than …	Operational	N
10015	The dynamic memory balancer could not balance the system due to high memory …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10015	The dynamic memory balancer could not balance the system due to high memory …	Operational	N
10016	Smart Paging was active for the virtual machine 'Parameter0' more than …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10016	Smart Paging was active for the virtual machine 'Parameter0' more than …	Operational	N
10017	The virtual machine 'Parameter0' stopped using Smart Paging after Parameter2 …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10017	The virtual machine 'Parameter0' stopped using Smart Paging after Parameter2 …	Operational	N
10018	DM operation add for the virtual machine 'Parameter0' failed with error: …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10018	DM operation add for the virtual machine 'Parameter0' failed with error: …	Operational	N
10019	DM operation remove for the virtual machine 'Parameter0' failed with error: …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10019	DM operation remove for the virtual machine 'Parameter0' failed with error: …	Operational	N
10020	The dynamic memory balancer could not add memory to the virtual machine …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10020	The dynamic memory balancer could not add memory to the virtual machine …	Operational	N
10021	Failed to start the virtual machine 'Parameter0' (Virtual machine ID …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10021	Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1)	Operational	N
10022	The memory specified for the virtual machine cannot be supported by this host.	Microsoft-Windows-Hyper-V-Compute-Admin	N
10022	The memory specified for the virtual machine cannot be supported by this host	Operational	N
10023	The root memory reserve key (HKLM\Software\Microsoft\Windows …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10023	The root memory reserve key (HKLM\Software\Microsoft\Windows …	Operational	N
10024	The root memory reserve key (HKLM\Software\Microsoft\Windows …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10024	The root memory reserve key (HKLM\Software\Microsoft\Windows …	Operational	N
10025	An invalid value is set for the DHMM policy.	Microsoft-Windows-Hyper-V-Compute-Admin	N
10025	An invalid value is set for the DHMM policy	Operational	N
10026	An invalid value is set for the DHMM policy.	Microsoft-Windows-Hyper-V-Compute-Admin	N
10026	An invalid value is set for the DHMM policy	Operational	N
10028	The virtual machine 'Parameter0' failed to start due to compute-less and …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10028	The virtual machine 'Parameter0' failed to start due to compute-less and …	Operational	N
10029	Failed to start the virtual machine 'Parameter0' (Virtual machine ID …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10029	Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1)	Operational	N
10030	The requested virtual NUMA node count for the virtual machine cannot be …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10030	The requested virtual NUMA node count for the virtual machine cannot be …	Operational	N
10031	Failed to start the virtual machine 'Parameter0' (Virtual machine ID …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10031	Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1)	Operational	N
10032	Not all device specific physical NUMA nodes are assigned to the virtual machine …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10032	Not all device specific physical NUMA nodes are assigned to the virtual machine …	Operational	N
10033	NUMA node assignment is not optimal for the virtual machine 'Parameter0' …	Microsoft-Windows-Hyper-V-Compute-Admin	N
10033	NUMA node assignment is not optimal for the virtual machine 'Parameter0' …	Operational	N
11000	The specified compute system configuration is invalid: ErrorMessage (ErrorCode, …	Microsoft-Windows-Hyper-V-Compute-Admin	N
11000	The specified compute system configuration is invalid: ErrorMessage (ErrorCode, …	Operational	N
11001	The specified property query is invalid: ErrorMessage (ErrorCode, 'Parameter0').	Microsoft-Windows-Hyper-V-Compute-Admin	N
11001	The specified property query is invalid: ErrorMessage (ErrorCode, 'Parameter0')	Operational	N
11002	The specified options document is invalid: ErrorMessage (ErrorCode, …	Microsoft-Windows-Hyper-V-Compute-Admin	N
11002	The specified options document is invalid: ErrorMessage (ErrorCode, …	Operational	N
11003	The specified settings document is invalid: ErrorMessage (ErrorCode, …	Microsoft-Windows-Hyper-V-Compute-Admin	N
11003	The specified settings document is invalid: ErrorMessage (ErrorCode, …	Operational	N
11004	Failed to recover compute system (SystemId): ErrorMessage (ErrorCode).	Microsoft-Windows-Hyper-V-Compute-Admin	N
11004	Failed to recover compute system (SystemId): ErrorMessage (ErrorCode)	Operational	N
11005	[SystemId] The specified settings document is invalid: A required field …	Microsoft-Windows-Hyper-V-Compute-Admin	N
11005	[SystemId] The specified settings document is invalid: A required field …	Operational	N
11006	[SystemId] The specified settings document is invalid: A field 'Parameter0' …	Microsoft-Windows-Hyper-V-Compute-Admin	N
11006	[SystemId] The specified settings document is invalid: A field 'Parameter0' …	Operational	N
11007	The specified save options are invalid: ErrorMessage (ErrorCode, 'Parameter0').	Microsoft-Windows-Hyper-V-Compute-Admin	N
11007	The specified save options are invalid: ErrorMessage (ErrorCode, 'Parameter0')	Operational	N
11008	Cannot create system 'VmlEventLog.SystemId' since Hyper-V is not installed on …	Microsoft-Windows-Hyper-V-Compute-Admin	Y
11008	Cannot create system 'SystemId' since Hyper-V is not installed on the host	Operational	N
11009	A resource URI 'Parameter0' specified in the compute system configuration field …	Microsoft-Windows-Hyper-V-Compute-Admin	N
11009	A resource URI 'Parameter0' specified in the compute system configuration field …	Operational	N
11500	The specified number of processors is not supported by the system (Parameter0).	Microsoft-Windows-Hyper-V-Compute-Admin	N
11500	The specified number of processors is not supported by the system (Parameter0)	Operational	N
11501	The specified relative processor weight is out of valid range (Parameter0).	Microsoft-Windows-Hyper-V-Compute-Admin	N
11501	The specified relative processor weight is out of valid range (Parameter0)	Operational	N
11502	The specified limit for the processors usage is out of valid range (Parameter0).	Microsoft-Windows-Hyper-V-Compute-Admin	N
11502	The specified limit for the processors usage is out of valid range (Parameter0)	Operational	N
11503	The specified Storage Quality of Service settings are not supported on Data …	Microsoft-Windows-Hyper-V-Compute-Admin	N
11503	The specified Storage Quality of Service settings are not supported on Data …	Operational	N
11504	Storage Quality of Service has been applied to a Container and to one or mode …	Microsoft-Windows-Hyper-V-Compute-Admin	N
11504	Storage Quality of Service has been applied to a Container and to one or mode …	Operational	N
11505	The specified memory amount is out of valid range (Parameter0).	Microsoft-Windows-Hyper-V-Compute-Admin	N
11505	The specified memory amount is out of valid range (Parameter0)	Operational	N
11506	The specified process parameters are invalid: ErrorMessage (ErrorCode, …	Microsoft-Windows-Hyper-V-Compute-Admin	N
11506	The specified process parameters are invalid: ErrorMessage (ErrorCode, …	Operational	N
11507	Failed to setup the external credentials for Container 'SystemId': ErrorMessage …	Microsoft-Windows-Hyper-V-Compute-Admin	N
11507	Failed to setup the external credentials for Container 'SystemId': ErrorMessage …	Operational	N
12000	Failed to create the Virtual Machine for Hyper-V Container 'SystemId': …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12000	Failed to create the Virtual Machine for Hyper-V Container 'SystemId': …	Operational	N
12001	Cannot start Hyper-V Container 'SystemId' since the hypervisor is not running in …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12001	Cannot start Hyper-V Container 'SystemId' since the hypervisor is not running in …	Operational	N
12002	Failed to create the Virtual Machine for Hyper-V Container template 'SystemId': …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12002	Failed to create the Virtual Machine for Hyper-V Container template 'SystemId': …	Operational	N
12003	Cannot create a template for a Hyper-V Container, reached the maximum number of …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12003	Cannot create a template for a Hyper-V Container, reached the maximum number of …	Operational	N
12004	Failed to setup the template for a Hyper-V Container: ErrorMessage (ErrorCode).	Microsoft-Windows-Hyper-V-Compute-Admin	N
12004	Failed to setup the template for a Hyper-V Container: ErrorMessage (ErrorCode)	Operational	N
12005	Failed to setup Windows Defender for Container 'SystemId', Windows Defender is …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12005	Failed to setup Windows Defender for Container 'SystemId', Windows Defender is …	Operational	N
12006	The Hyper-V Container 'SystemId' encountered a protocol error and was …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12006	The Hyper-V Container 'SystemId' encountered a protocol error and was terminated	Operational	N
12100	Failed to create network endpoint for Container 'SystemId': ErrorMessage …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12100	Failed to create network endpoint for Container 'SystemId': ErrorMessage …	Operational	N
12101	Failed to delete network endpoint for Container 'SystemId', network endpoint ID …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12101	Failed to delete network endpoint for Container 'SystemId', network endpoint ID …	Operational	N
12102	Failed to attach network endpoint to Container 'SystemId', network endpoint ID …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12102	Failed to attach network endpoint to Container 'SystemId', network endpoint ID …	Operational	N
12103	Failed to detach network endpoint from Container 'SystemId', network endpoint ID …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12103	Failed to detach network endpoint from Container 'SystemId', network endpoint ID …	Operational	N
12104	Failed to query network endpoint properties for Container 'SystemId', network …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12104	Failed to query network endpoint properties for Container 'SystemId', network …	Operational	N
12105	Failed to create network adapter for Container 'SystemId', network endpoint ID …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12105	Failed to create network adapter for Container 'SystemId', network endpoint ID …	Operational	N
12106	Cannot perform the operation for compute system 'SystemId' as that system has …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12106	Cannot perform the operation for compute system 'SystemId' as that system has …	Operational	N
12107	Cannot perform the operation for compute system 'SystemId' because it is …	Microsoft-Windows-Hyper-V-Compute-Admin	N
12107	Cannot perform the operation for compute system 'SystemId' because it is …	Operational	N
40012	Memory weight above maximum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40012	Memory weight above maximum	Operational	N
40014	Memory virtual quantity above maximum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40014	Memory virtual quantity above maximum	Operational	N
40016	Memory virtual quantity below minimum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40016	Memory virtual quantity below minimum	Operational	N
40018	Memory virtual quantity not properly aligned.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40018	Memory virtual quantity not properly aligned	Operational	N
40020	Memory virtual quantity above limit.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40020	Memory virtual quantity above limit	Operational	N
40022	Memory virtual quantity below reservation.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40022	Memory virtual quantity below reservation	Operational	N
40024	Memory limit above maximum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40024	Memory limit above maximum	Operational	N
40026	Memory limit below minimum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40026	Memory limit below minimum	Operational	N
40028	Memory limit not properly aligned.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40028	Memory limit not properly aligned	Operational	N
40030	Memory reservation above maximum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40030	Memory reservation above maximum	Operational	N
40032	Memory reservation below minimum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40032	Memory reservation below minimum	Operational	N
40034	Memory reservation not properly aligned.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40034	Memory reservation not properly aligned	Operational	N
40036	Memory target memory buffer above maximum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40036	Memory target memory buffer above maximum	Operational	N
40038	Memory target memory buffer below minimum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40038	Memory target memory buffer below minimum	Operational	N
40048	Invalid memory alignment.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40048	Invalid memory alignment	Operational	N
40050	The version of the virtual machine is not compatible with the alignment.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40050	The version of the virtual machine is not compatible with the alignment	Operational	N
40052	Memory weight is below minimum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40052	Memory weight is below minimum	Operational	N
40054	The version or generation of the virtual machine is not compatible with SGX.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40054	The version or generation of the virtual machine is not compatible with SGX	Operational	N
40056	SGX launch control mode is invalid.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40056	SGX launch control mode is invalid	Operational	N
40058	Default SGX launch control MSR string is invalid.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40058	Default SGX launch control MSR string is invalid	Operational	N
40060	Memory per virtual NUMA node is above maximum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40060	Memory per virtual NUMA node is above maximum	Operational	N
40062	Memory per virtual NUMA node is below minimum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40062	Memory per virtual NUMA node is below minimum	Operational	N
40064	Memory per virtual NUMA node is not properly aligned.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40064	Memory per virtual NUMA node is not properly aligned	Operational	N
40066	SGX memory is above maximum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40066	SGX memory is above maximum	Operational	N
40068	SGX memory is below minimum.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40068	SGX memory is below minimum	Operational	N
40070	SGX memory is not porperly aligned.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40070	SGX memory is not porperly aligned	Operational	N
40072	Pool id specified is unknown.	Microsoft-Windows-Hyper-V-Compute-Admin	N
40072	Pool id specified is unknown	Operational	N
65526	SystemId\|ErrorMessage\|ErrorCode.	Operational	N
65527	%.	Operational	N
65528	SystemId\|ErrorMessage\|ErrorCode.	Operational	N
65529	task_065529	Operational	N
65530	--	Microsoft-Windows-Hyper-V-Compute-Admin	N
65530	--	Operational	N
65531	Parameter0.	Microsoft-Windows-Hyper-V-Compute-Admin	N
65531	Event ID 65531	Operational	N
65532	SystemId\|ErrorMessage\|ErrorCode.	Microsoft-Windows-Hyper-V-Compute-Admin	N
65532	SystemId\|ErrorMessage\|	Operational	N
65533	SystemId\|ErrorMessage\|ErrorCode\|Parameter0.	Microsoft-Windows-Hyper-V-Compute-Admin	N
65533	SystemId\|ErrorMessage\|ErrorCode\|	Operational	N
65534	SystemId\|ErrorMessage\|ErrorCode\|Parameter0.	Microsoft-Windows-Hyper-V-Compute-Admin	N
65534	SystemId\|ErrorMessage\|ErrorCode\|	Operational	N
65535	SystemId\|ErrorMessage\|ErrorCode\|Parameter0.	Microsoft-Windows-Hyper-V-Compute-Admin	N
65535	SystemId\|ErrorMessage\|ErrorCode\|	Operational	N

Event ID 100: TraceData.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic

Message #

%1

Fields #

Name	Description
`TraceData` UnicodeString
`VmName` UnicodeString
`VmId` UnicodeString
`StackFrameCount` UInt32
`StackFrame` Pointer
`ModuleCount` UInt32
`Module` Int32

Event ID 100

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`TraceData` UnicodeString
`VmName` UnicodeString
`VmId` UnicodeString
`StackFrameCount` UInt32
`StackFrame` Pointer
`ModuleCount` UInt32
`Module` Int32

Event ID 101: TraceData.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic

Message #

%1

Fields #

Name	Description
`TraceData` UnicodeString
`VmName` UnicodeString
`VmId` UnicodeString
`StackFrameCount` UInt32
`StackFrame` Pointer
`ModuleCount` UInt32
`Module` Int32

Event ID 101

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`TraceData` UnicodeString
`VmName` UnicodeString
`VmId` UnicodeString
`StackFrameCount` UInt32
`StackFrame` Pointer
`ModuleCount` UInt32
`Module` Int32

Event ID 102: TraceData.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic

Message #

%1

Fields #

Name	Description
`TraceData` UnicodeString
`VmName` UnicodeString
`VmId` UnicodeString
`StackFrameCount` UInt32
`StackFrame` Pointer
`ModuleCount` UInt32
`Module` Int32

Event ID 102

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`TraceData` UnicodeString
`VmName` UnicodeString
`VmId` UnicodeString
`StackFrameCount` UInt32
`StackFrame` Pointer
`ModuleCount` UInt32
`Module` Int32

Event ID 103: TraceData.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic

Message #

%1

Fields #

Name	Description
`TraceData` UnicodeString
`VmName` UnicodeString
`VmId` UnicodeString
`StackFrameCount` UInt32
`StackFrame` Pointer
`ModuleCount` UInt32
`Module` Int32

Event ID 103

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`TraceData` UnicodeString
`VmName` UnicodeString
`VmId` UnicodeString
`StackFrameCount` UInt32
`StackFrame` Pointer
`ModuleCount` UInt32
`Module` Int32

Event ID 500: Started DM operation add memory.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Task: Dynamicmemory_addmemory
Opcode: Start

Description

Started DM operation add memory. Balancer requested to add Parameter0 pages. (Virtual machine ID VmId).

Message #

Started DM operation add memory. Balancer requested to add %2 pages. (Virtual machine ID %1)

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 500: Started DM operation add memory

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Task: Dynamicmemory_addmemory
Opcode: Start

Description

Started DM operation add memory. Balancer requested to add pages. (Virtual machine ID ).

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 501: DM operation add memory completed Parameter0 pages were added, time Time s.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Task: Dynamicmemory_addmemory
Opcode: Stop

Description

DM operation add memory completed Parameter0 pages were added, time Time s. (Virtual machine ID VmId).

Message #

DM operation add memory completed %3 pages were added, time %2 s. (Virtual machine ID %1)

Fields #

Name	Description
`VmId` UnicodeString
`Time` UnicodeString
`Parameter0` UInt64

Event ID 501: DM operation add memory completed Parameter0 pages were added, time Time s

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Task: Dynamicmemory_addmemory
Opcode: Stop

Description

DM operation add memory completed pages were added, time s. (Virtual machine ID ).

Fields #

Name	Description
`VmId` UnicodeString
`Time` UnicodeString
`Parameter0` UInt64

Event ID 502: Started DM operation remove memory.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Task: Dynamicmemory_removememory
Opcode: Start

Description

Started DM operation remove memory. Balancer requested to remove Parameter0 pages. (Virtual machine ID VmId).

Message #

Started DM operation remove memory. Balancer requested to remove %2 pages. (Virtual machine ID %1)

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 502: Started DM operation remove memory

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Task: Dynamicmemory_removememory
Opcode: Start

Description

Started DM operation remove memory. Balancer requested to remove pages. (Virtual machine ID ).

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 503: DM operation remove memory completed Parameter0 pages were removed, time Time s.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Task: Dynamicmemory_removememory
Opcode: Stop

Description

DM operation remove memory completed Parameter0 pages were removed, time Time s. (Virtual machine ID VmId).

Message #

DM operation remove memory completed %3 pages were removed, time %2 s. (Virtual machine ID %1)

Fields #

Name	Description
`VmId` UnicodeString
`Time` UnicodeString
`Parameter0` UInt64

Event ID 503: DM operation remove memory completed Parameter0 pages were removed, time Time s

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Task: Dynamicmemory_removememory
Opcode: Stop

Description

DM operation remove memory completed pages were removed, time s. (Virtual machine ID ).

Fields #

Name	Description
`VmId` UnicodeString
`Time` UnicodeString
`Parameter0` UInt64

Event ID 504: Started DM operation add memory (SLP).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Task: Dynamicmemory_addmemory(SLP)
Opcode: Start

Description

Started DM operation add memory (SLP). Balancer requested to add Parameter0 pages. (Virtual machine ID VmId).

Message #

Started DM operation add memory (SLP). Balancer requested to add %2 pages. (Virtual machine ID %1)

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 504: Started DM operation add memory (SLP)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Task: Dynamicmemory_addmemory(SLP)
Opcode: Start

Description

Started DM operation add memory (SLP). Balancer requested to add pages. (Virtual machine ID ).

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 505: DM operation add memory (SLP) completed Parameter0 pages were added, time Time s.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Task: Dynamicmemory_addmemory(SLP)
Opcode: Stop

Description

DM operation add memory (SLP) completed Parameter0 pages were added, time Time s. (Virtual machine ID VmId).

Message #

DM operation add memory (SLP) completed %3 pages were added, time %2 s. (Virtual machine ID %1)

Fields #

Name	Description
`VmId` UnicodeString
`Time` UnicodeString
`Parameter0` UInt64

Event ID 505: DM operation add memory (SLP) completed Parameter0 pages were added, time Time s

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Task: Dynamicmemory_addmemory(SLP)
Opcode: Stop

Description

DM operation add memory (SLP) completed pages were added, time s. (Virtual machine ID ).

Fields #

Name	Description
`VmId` UnicodeString
`Time` UnicodeString
`Parameter0` UInt64

Event ID 506: Virtual machine ID VmId : memory pressure Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Opcode: Start

Description

Virtual machine ID VmId : memory pressure Parameter0.

Message #

Virtual machine ID %1 : memory pressure %2.

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 506: Virtual machine ID VmId : memory pressure

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Opcode: Start

Description

Virtual machine ID : memory pressure .

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 507: Virtual machine ID VmId : committed memory Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Opcode: Start

Description

Virtual machine ID VmId : committed memory Parameter0.

Message #

Virtual machine ID %1 : committed memory %2.

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 507: Virtual machine ID VmId : committed memory

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Opcode: Start

Description

Virtual machine ID : committed memory .

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 508: Virtual machine ID VmId : available memory Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Opcode: Start

Description

Virtual machine ID VmId : available memory Parameter0.

Message #

Virtual machine ID %1 : available memory %2.

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 508: Virtual machine ID VmId : available memory

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Opcode: Start

Description

Virtual machine ID : available memory .

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 509: Virtual machine ID VmId : actual total physical memory Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Opcode: Start

Description

Virtual machine ID VmId : actual total physical memory Parameter0.

Message #

Virtual machine ID %1 : actual total physical memory %2.

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 509: Virtual machine ID VmId : actual total physical memory

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Opcode: Start

Description

Virtual machine ID : actual total physical memory .

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 510: Virtual machine ID VmId : guest visible physical memory Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Opcode: Start

Description

Virtual machine ID VmId : guest visible physical memory Parameter0.

Message #

Virtual machine ID %1 : guest visible physical memory %2.

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 510: Virtual machine ID VmId : guest visible physical memory

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Opcode: Start

Description

Virtual machine ID : guest visible physical memory .

Fields #

Name	Description
`VmId` UnicodeString
`Parameter0` UInt64

Event ID 511: NUMA node VmId: system average pressure: Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Opcode: Start

Description

NUMA node VmId: system average pressure: Parameter0.

Message #

NUMA node %1: system average pressure: %2.

Fields #

Name	Description
`VmId` UInt64
`Parameter0` UInt64

Event ID 511: NUMA node VmId: system average pressure:

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Opcode: Start

Description

NUMA node : system average pressure: .

Fields #

Name	Description
`VmId` UInt64
`Parameter0` UInt64

Event ID 512: NUMA node VmId: system available memory: Parameter0 MB.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Analytic
Opcode: Start

Description

NUMA node VmId: system available memory: Parameter0 MB.

Message #

NUMA node %1: system available memory: %2 MB.

Fields #

Name	Description
`VmId` UInt64
`Parameter0` UInt64

Event ID 512: NUMA node VmId: system available memory: Parameter0 MB

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Opcode: Start

Description

NUMA node : system available memory: MB.

Fields #

Name	Description
`VmId` UInt64
`Parameter0` UInt64

Event ID 1000: The Host Compute Service is starting.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Operational
Level: Informational

Description

The Host Compute Service is starting.

Message #

The Host Compute Service is starting.

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "{17103E3F-3C6E-4677-BB17-3B267EB5BE57}",
    "event_source_name": "",
    "event_id": 1000,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686018427387904,
    "time_created": "2026-06-13T13:54:29.2925566+00:00",
    "event_record_id": 1,
    "correlation": {},
    "execution": {
      "process_id": 5920,
      "thread_id": 3820
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Operational",
    "computer": "telemetry-W11-d.cell-d.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {}
  },
  "message": "The Host Compute Service is starting."
}

Event ID 1001: The Host Compute Service started successfully.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin
Level: Informational

Description

The Host Compute Service started successfully.

Message #

The Host Compute Service started successfully.

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "17103E3F-3C6E-4677-BB17-3B267EB5BE57",
    "event_source_name": "",
    "event_id": 1001,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2023-11-05T23:16:25.887020+00:00",
    "event_record_id": 1,
    "correlation": {},
    "execution": {
      "process_id": 7344,
      "thread_id": 8544
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Admin",
    "computer": "WinDev2310Eval",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {}
  },
  "message": ""
}

Event ID 1001: The Host Compute Service started successfully

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Level: 4

Description

The Host Compute Service started successfully.

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "{17103E3F-3C6E-4677-BB17-3B267EB5BE57}",
    "event_source_name": "",
    "event_id": 1001,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": -9223372036854775808,
    "time_created": "2026-06-13T13:54:29.3955289+00:00",
    "event_record_id": 1,
    "correlation": {},
    "execution": {
      "process_id": 5920,
      "thread_id": 3820
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Admin",
    "computer": "telemetry-W11-d.cell-d.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {}
  },
  "message": "The Host Compute Service started successfully."
}

Event ID 1002: The Host Compute Service is shutting down.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The Host Compute Service is shutting down.

Message #

The Host Compute Service is shutting down.

Event ID 1003: The Host Compute Service shut down successfully.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The Host Compute Service shut down successfully.

Message #

The Host Compute Service shut down successfully.

Event ID 1003: The Host Compute Service shut down successfully

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The Host Compute Service shut down successfully.

Event ID 2000: [VmlEventLog.SystemId] Create compute system, result VmlEventLog.Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Operational
Level: Informational

Description

[VmlEventLog.SystemId] Create compute system, result VmlEventLog.Result.

Message #

[%1] Create compute system, result %2

Fields #

Name	Description
`VmlEventLog.SystemId`
`VmlEventLog.Result`
`SystemId`
`Result`

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "{17103E3F-3C6E-4677-BB17-3B267EB5BE57}",
    "event_source_name": "",
    "event_id": 2000,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686018427387904,
    "time_created": "2026-06-13T15:12:00.0772694+00:00",
    "event_record_id": 30,
    "correlation": {},
    "execution": {
      "process_id": 5920,
      "thread_id": 4348
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Operational",
    "computer": "telemetry-W11-d.cell-d.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {
      "SystemId": "23E050BB-12F7-4020-83DB-C1314F6202FB",
      "Result": "0xC0370103"
    }
  },
  "message": "[23E050BB-12F7-4020-83DB-C1314F6202FB] Create compute system, result 0xC0370103"
}

Event ID 2001: [VmlEventLog.SystemId] Start compute system, result VmlEventLog.Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Level: Informational

Description

[VmlEventLog.SystemId] Start compute system, result VmlEventLog.Result.

Message #

[%1] Start compute system, result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "17103E3F-3C6E-4677-BB17-3B267EB5BE57",
    "event_source_name": "",
    "event_id": 2001,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686018427387904,
    "time_created": "2026-03-11T06:31:57.210082+00:00",
    "event_record_id": 8,
    "correlation": {
      "ActivityID": "EC11E65C-B780-44B3-9B69-699C696F1636"
    },
    "execution": {
      "process_id": 9396,
      "thread_id": 9428
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Operational",
    "computer": "LAB-WIN11",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {
      "SystemId": "29A7892D-8743-4A3F-85E3-06FE9D7977B4",
      "Result": "0xC0370103"
    }
  },
  "message": ""
}

Event ID 2002: [SystemId] Shut down compute system, result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Shut down compute system, result Result.

Message #

[%1] Shut down compute system, result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString

Event ID 2003: [VmlEventLog.SystemId] Terminate compute system, result VmlEventLog.Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Level: Informational

Description

[VmlEventLog.SystemId] Terminate compute system, result VmlEventLog.Result.

Message #

[%1] Terminate compute system, result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "17103E3F-3C6E-4677-BB17-3B267EB5BE57",
    "event_source_name": "",
    "event_id": 2003,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686018427387904,
    "time_created": "2026-03-13T20:09:01.956721+00:00",
    "event_record_id": 14,
    "correlation": {
      "ActivityID": "E036AC8C-7E60-4818-BA86-6545B9F00A66"
    },
    "execution": {
      "process_id": 3904,
      "thread_id": 5432
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Operational",
    "computer": "LAB-WIN11.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {
      "SystemId": "2cf3235b-8f46-4ae6-adf2-07dc5259a954",
      "Result": "0xC0370103"
    }
  },
  "message": ""
}

Event ID 2004: [VmlEventLog.SystemId] Pause compute system, options 'VmlEventLog.Parameter0', result VmlEventLog.Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Level: Informational

Description

[VmlEventLog.SystemId] Pause compute system, options 'VmlEventLog.Parameter0', result VmlEventLog.Result.

Message #

[%1] Pause compute system, options '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "17103E3F-3C6E-4677-BB17-3B267EB5BE57",
    "event_source_name": "",
    "event_id": 2004,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686018427387904,
    "time_created": "2026-03-13T20:09:00.848634+00:00",
    "event_record_id": 8,
    "correlation": {
      "ActivityID": "A46EB575-B4A0-4530-869B-825F772695E7"
    },
    "execution": {
      "process_id": 3904,
      "thread_id": 5432
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Operational",
    "computer": "LAB-WIN11.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {
      "SystemId": "2cf3235b-8f46-4ae6-adf2-07dc5259a954",
      "Result": "0xC0370103",
      "Parameter0": "{}"
    }
  },
  "message": ""
}

Event ID 2005: [SystemId] Resume compute system, options 'Parameter0', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Resume compute system, options 'Parameter0', result Result.

Message #

[%1] Resume compute system, options '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2006: [SystemId] Get compute system properties, query 'Parameter0', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Get compute system properties, query 'Parameter0', result Result.

Message #

[%1] Get compute system properties, query '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2007: [VmlEventLog.SystemId] Modify compute system, settings 'VmlEventLog.Parameter0', result VmlEventLog.Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Level: Informational

Description

[VmlEventLog.SystemId] Modify compute system, settings 'VmlEventLog.Parameter0', result VmlEventLog.Result.

Message #

[%1] Modify compute system, settings '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "17103E3F-3C6E-4677-BB17-3B267EB5BE57",
    "event_source_name": "",
    "event_id": 2007,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686018427387904,
    "time_created": "2026-03-11T06:32:03.625353+00:00",
    "event_record_id": 51,
    "correlation": {
      "ActivityID": "A1ACF3D5-1D8A-4C49-A11D-82377F58D522"
    },
    "execution": {
      "process_id": 9396,
      "thread_id": 9428
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Operational",
    "computer": "LAB-WIN11",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {
      "SystemId": "29A7892D-8743-4A3F-85E3-06FE9D7977B4",
      "Result": "0x00000000",
      "Parameter0": "{\"RequestType\":\"Add\",\"ResourcePath\":\"VirtualMachine/Devices/Scsi/0/Attachments/3\",\"Settings\":{\"AlwaysAllowSparseFiles\":true,\"Path\":\"C:\\\\Users\\\\localuser\\\\AppData\\\\Local\\\\wsl\\\\{4d205ef4-e2d2-4c32-b102-f7572f1907f9}\\\\ext4.vhdx\",\"ReadOnly\":false,\"SupportCompressedVolumes\":true,\"SupportEncryptedFiles\":true,\"Type\":\"VirtualDisk\"}}"
    }
  },
  "message": ""
}

Event ID 2008: [VmlEventLog.SystemId] Query compute system notification, result VmlEventLog.Result, notification VmlEventLog.Parameter0 / VmlEventLog.Parameter1.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Level: Informational

Description

[VmlEventLog.SystemId] Query compute system notification, result VmlEventLog.Result, notification VmlEventLog.Parameter0 / VmlEventLog.Parameter1.

Message #

[%1] Query compute system notification, result %2, notification %3 / %4

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UInt32
`Parameter1` UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "17103E3F-3C6E-4677-BB17-3B267EB5BE57",
    "event_source_name": "",
    "event_id": 2008,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686018427387904,
    "time_created": "2026-03-11T06:32:03.667063+00:00",
    "event_record_id": 54,
    "correlation": {
      "ActivityID": "549D4145-F73A-4A1A-8AB3-9DC4FD21A9CC"
    },
    "execution": {
      "process_id": 9396,
      "thread_id": 9432
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Operational",
    "computer": "LAB-WIN11",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {
      "SystemId": "29A7892D-8743-4A3F-85E3-06FE9D7977B4",
      "Result": "0x00000000",
      "Parameter0": 15,
      "Parameter1": "0x00000000"
    }
  },
  "message": ""
}

Event ID 2009: [VmlEventLog.SystemId] Queue system notification: VmlEventLog.Parameter0 / VmlEventLog.Parameter1.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Operational
Level: Informational

Description

[VmlEventLog.SystemId] Queue system notification: VmlEventLog.Parameter0 / VmlEventLog.Parameter1.

Message #

[%1] Queue system notification: %2 / %3

Fields #

Name	Description
`VmlEventLog.SystemId`
`VmlEventLog.Parameter0`
`VmlEventLog.Parameter1`
`SystemId`
`Parameter0`
`Parameter1`

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "{17103E3F-3C6E-4677-BB17-3B267EB5BE57}",
    "event_source_name": "",
    "event_id": 2009,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686018427387904,
    "time_created": "2026-06-13T15:12:07.4534371+00:00",
    "event_record_id": 32,
    "correlation": {},
    "execution": {
      "process_id": 5920,
      "thread_id": 8988
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Operational",
    "computer": "telemetry-W11-d.cell-d.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {
      "SystemId": "23E050BB-12F7-4020-83DB-C1314F6202FB",
      "Parameter0": "1",
      "Parameter1": "0x00000000"
    }
  },
  "message": "[23E050BB-12F7-4020-83DB-C1314F6202FB] Queue system notification: 1 / 0x00000000"
}

Event ID 2010: [SystemId] Create Container, type 'Parameter0', settings 'Parameter1'.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Create Container, type 'Parameter0', settings 'Parameter1'.

Message #

[%1] Create Container, type '%2', settings '%3'

Fields #

Name	Description
`SystemId` UnicodeString
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 2011: [SystemId] Create Container VM, VM ID Parameter0, result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Create Container VM, VM ID Parameter0, result Result.

Message #

[%1] Create Container VM, VM ID %3, result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2012: [SystemId] Create Container template VM, image path 'Parameter2', VP count Parameter0, memory Parameter1 MB.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Create Container template VM, image path 'Parameter2', VP count Parameter0, memory Parameter1 MB.

Message #

[%1] Create Container template VM, image path '%4', VP count %2, memory %3 MB

Fields #

Name	Description
`SystemId` UnicodeString
`Parameter0` UInt32
`Parameter1` UInt32
`Parameter2` UnicodeString

Event ID 2013: [SystemId] Using template VM 'Parameter0'.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Using template VM 'Parameter0'.

Message #

[%1] Using template VM '%2'

Fields #

Name	Description
`SystemId` UnicodeString
`Parameter0` UnicodeString

Event ID 2014: [VmlEventLog.SystemId] Create Virtual Machine.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Operational
Level: Informational

Description

[VmlEventLog.SystemId] Create Virtual Machine.

Message #

[%1] Create Virtual Machine

Fields #

Name	Description
`VmlEventLog.SystemId`
`SystemId`

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "{17103E3F-3C6E-4677-BB17-3B267EB5BE57}",
    "event_source_name": "",
    "event_id": 2014,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686018427387904,
    "time_created": "2026-06-13T15:11:59.6998015+00:00",
    "event_record_id": 28,
    "correlation": {},
    "execution": {
      "process_id": 5920,
      "thread_id": 4348
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Operational",
    "computer": "telemetry-W11-d.cell-d.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {
      "SystemId": "23E050BB-12F7-4020-83DB-C1314F6202FB"
    }
  },
  "message": "[23E050BB-12F7-4020-83DB-C1314F6202FB] Create Virtual Machine"
}

Event ID 2015: [SystemId] Add compute system resource, location 'Parameter0', resource 'Parameter1', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Add compute system resource, location 'Parameter0', resource 'Parameter1', result Result.

Message #

[%1] Add compute system resource, location '%3', resource '%4', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 2016: [SystemId] Modify compute system resource, location 'Parameter0', resource 'Parameter1', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Modify compute system resource, location 'Parameter0', resource 'Parameter1', result Result.

Message #

[%1] Modify compute system resource, location '%3', resource '%4', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 2017: [SystemId] Remove compute system, location 'Parameter0', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Remove compute system, location 'Parameter0', result Result.

Message #

[%1] Remove compute system, location '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 2018: [VmlEventLog.SystemId] Save compute system, options 'VmlEventLog.Parameter0', result VmlEventLog.Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Level: Informational

Description

[VmlEventLog.SystemId] Save compute system, options 'VmlEventLog.Parameter0', result VmlEventLog.Result.

Message #

[%1] Save compute system, options '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "17103E3F-3C6E-4677-BB17-3B267EB5BE57",
    "event_source_name": "",
    "event_id": 2018,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686018427387904,
    "time_created": "2026-03-13T20:09:00.892427+00:00",
    "event_record_id": 11,
    "correlation": {
      "ActivityID": "F671F24A-D38B-4FB5-872A-52DF96BC260A"
    },
    "execution": {
      "process_id": 3904,
      "thread_id": 7292
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Operational",
    "computer": "LAB-WIN11.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {
      "SystemId": "2cf3235b-8f46-4ae6-adf2-07dc5259a954",
      "Result": "0xC0370103",
      "Parameter0": "{\"RuntimeStateFilePath\":\"C:\\\\ProgramData\\\\Microsoft\\\\Windows\\\\Containers\\\\Snapshots\\\\7a502cbe-ae09-4bef-a804-acb145ffff9a\\\\SnapshotSavedState.vmrs\",\"SaveStateFilePath\":\"\"}"
    }
  },
  "message": ""
}

Event ID 2019: [SystemId] Crash compute system, options 'Parameter0', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Crash compute system, options 'Parameter0', result Result.

Message #

[%1] Crash compute system, options '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2020: [SystemId] Cancel operation id Parameter0 result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Cancel operation id Parameter0 result Result.

Message #

[%1] Cancel operation id %3 result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2021: [SystemId] Get properties of operation id Parameter0 result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Get properties of operation id Parameter0 result Result.

Message #

[%1] Get properties of operation id %3 result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2500: [SystemId] Create process, parameters 'Parameter1', result Result, process ID Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Create process, parameters 'Parameter1', result Result, process ID Parameter0.

Message #

[%1] Create process, parameters '%4', result %2, process ID %3

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UInt32
`Parameter1` UnicodeString

Event ID 2501: [SystemId] Terminate process, process ID Parameter0, result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Terminate process, process ID Parameter0, result Result.

Message #

[%1] Terminate process, process ID %3, result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UInt32

Event ID 2502: [SystemId] Query process notification, process ID Parameter0, result Result, notification Parameter1 / Parameter2.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Query process notification, process ID Parameter0, result Result, notification Parameter1 / Parameter2.

Message #

[%1] Query process notification, process ID %3, result %2, notification %4 / %5

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UInt32
`Parameter1` UInt32
`Parameter2` UnicodeString

Event ID 2503: [SystemId] Queue process notification Parameter1 / Parameter2, process ID Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Queue process notification Parameter1 / Parameter2, process ID Parameter0.

Message #

[%1] Queue process notification %3 / %4, process ID %2

Fields #

Name	Description
`SystemId` UnicodeString
`Parameter0` UInt32
`Parameter1` UInt32
`Parameter2` UnicodeString

Event ID 2504: The dynamic memory balancer timer was started.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational
Level: Informational

Description

The dynamic memory balancer timer was started.

Message #

The dynamic memory balancer timer was started.

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "17103E3F-3C6E-4677-BB17-3B267EB5BE57",
    "event_source_name": "",
    "event_id": 2504,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 4611686018427387904,
    "time_created": "2026-03-13T20:25:20.753476+00:00",
    "event_record_id": 38,
    "correlation": {
      "ActivityID": "46199242-6BA3-49E9-87C1-DF661282CCC7"
    },
    "execution": {
      "process_id": 3904,
      "thread_id": 7256
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Operational",
    "computer": "LAB-WIN11.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {}
  },
  "message": ""
}

Event ID 2505: [SystemId] Start compute system preservation with settings 'Parameter0', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Start compute system preservation with settings 'Parameter0', result Result.

Message #

[%1] Start compute system preservation with settings '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2506: [SystemId] Finalize compute system preservation with settings 'Parameter0', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Finalize compute system preservation with settings 'Parameter0', result Result.

Message #

[%1] Finalize compute system preservation with settings '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2507: [SystemId] Start migration of compute system with settings 'Parameter0', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Start migration of compute system with settings 'Parameter0', result Result.

Message #

[%1] Start migration of compute system with settings '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2508: [SystemId] Start migration transfer of compute system with settings 'Parameter0', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Start migration transfer of compute system with settings 'Parameter0', result Result.

Message #

[%1] Start migration transfer of compute system with settings '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2509: [SystemId] Wait for compute system migration to be finalized with settings 'Parameter0', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Wait for compute system migration to be finalized with settings 'Parameter0', result Result.

Message #

[%1] Wait for compute system migration to be finalized with settings '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2510: [SystemId] Migrate compute system with settings 'Parameter0', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Migrate compute system with settings 'Parameter0', result Result.

Message #

[%1] Migrate compute system with settings '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 2511: [SystemId] Finalize compute system with settings 'Parameter0', result Result.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] Finalize compute system with settings 'Parameter0', result Result.

Message #

[%1] Finalize compute system with settings '%3', result %2

Fields #

Name	Description
`SystemId` UnicodeString
`Result` UnicodeString
`Parameter0` UnicodeString

Event ID 10000: The Host Compute Service failed to start: ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The Host Compute Service failed to start: ErrorMessage (ErrorCode).

Message #

The Host Compute Service failed to start: %1 (%2)

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 10000: The Host Compute Service failed to start: ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The Host Compute Service failed to start: ().

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 10001: The dynamic memory balancer failed to start because the host system is not supported.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The dynamic memory balancer failed to start because the host system is not supported.

Message #

The dynamic memory balancer failed to start because the host system is not supported.

Event ID 10001: The dynamic memory balancer failed to start because the host system is not supported

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The dynamic memory balancer failed to start because the host system is not supported.

Event ID 10002: Virtual machine 'Parameter0' cannot be started on this server.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Message #

Virtual machine '%1' cannot be started on this server. The virtual machine NUMA topology requirements cannot be satisfied by the server NUMA topology. Try to use the server NUMA topology, or enable NUMA spanning. (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 10002: Virtual machine 'Parameter0' cannot be started on this server

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 10003: Virtual machine 'Parameter0' cannot be started on this server.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Virtual machine 'Parameter0' cannot be started on this server.

Message #

Virtual machine '%1' cannot be started on this server.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 10003: Virtual machine 'Parameter0' cannot be started on this server

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Virtual machine 'Parameter0' cannot be started on this server.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 10004: 'Parameter0' failed to start worker process: Parameter2 (Parameter3).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

'Parameter0' failed to start worker process: Parameter2 (Parameter3). (Virtual machine ID Parameter1).

Message #

'%1' failed to start worker process: %3 (%4). (Virtual machine ID %2)

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10004: 'Parameter0' failed to start worker process: Parameter2 (Parameter3)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

'Parameter0' failed to start worker process: Parameter2 (Parameter3). (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10005: Failed to start worker process: Parameter2 (Parameter3).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to start worker process: Parameter2 (Parameter3). (Virtual machine ID Parameter1).

Message #

Failed to start worker process: %3 (%4). (Virtual machine ID %2)

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10005: Failed to start worker process: Parameter2 (Parameter3)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to start worker process: (). (Virtual machine ID ).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10006: The virtual machine 'VmName' with RAM size Parameter0 MB failed to reset due to insufficient memory.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Message #

The virtual machine '%1' with RAM size %3 MB failed to reset due to insufficient memory. %4 MB of memory is currently available to Hyper-V to provide both memory and supporting services to starting virtual machines. (Virtual machine ID %2)

Fields #

Name	Description
`VmName` UnicodeString
`VmId` UnicodeString
`Parameter0` UInt64
`Parameter1` UInt64

Event ID 10006: The virtual machine 'VmName' with RAM size Parameter0 MB failed to reset due to insufficient memory

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`VmName` UnicodeString
`VmId` UnicodeString
`Parameter0` UInt64
`Parameter1` UInt64

Event ID 10007: Failed to reset the virtual machine 'VmName' (Virtual machine ID VmId).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to reset the virtual machine 'VmName' (Virtual machine ID VmId).

Message #

Failed to reset the virtual machine '%1' (Virtual machine ID %2).

Fields #

Name	Description
`VmName` UnicodeString
`VmId` UnicodeString
`Parameter0` UInt64
`Parameter1` UInt64

Event ID 10007: Failed to reset the virtual machine 'VmName' (Virtual machine ID VmId)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to reset the virtual machine 'VmName' (Virtual machine ID VmId).

Fields #

Name	Description
`VmName` UnicodeString
`VmId` UnicodeString
`Parameter0` UInt64
`Parameter1` UInt64

Event ID 10008: The virtual machine 'Parameter0' with RAM size Parameter2 MB failed to start due to insufficient memory.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Message #

The virtual machine '%1' with RAM size %3 MB failed to start due to insufficient memory. %4 MB of memory is currently available to Hyper-V to provide both memory and supporting services to starting virtual machines. (Virtual machine ID %2)

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10008: The virtual machine 'Parameter0' with RAM size Parameter2 MB failed to start due to insufficient memory

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10009: Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Message #

Failed to start the virtual machine '%1' (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10009: Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10010: The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Message #

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Event ID 10010: The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Event ID 10011: The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Message #

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Event ID 10011: The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Event ID 10013: DM operation add for the virtual machine 'Parameter0' took more than Parameter2 seconds (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

DM operation add for the virtual machine 'Parameter0' took more than Parameter2 seconds (Virtual machine ID Parameter1).

Message #

DM operation add for the virtual machine '%1' took more than %3 seconds (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 10013: DM operation add for the virtual machine 'Parameter0' took more than Parameter2 seconds (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

DM operation add for the virtual machine 'Parameter0' took more than Parameter2 seconds (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 10014: DM operation remove for the virtual machine 'Parameter0' took more than Parameter2 seconds (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

DM operation remove for the virtual machine 'Parameter0' took more than Parameter2 seconds (Virtual machine ID Parameter1).

Message #

DM operation remove for the virtual machine '%1' took more than %3 seconds (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 10014: DM operation remove for the virtual machine 'Parameter0' took more than Parameter2 seconds (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

DM operation remove for the virtual machine 'Parameter0' took more than Parameter2 seconds (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 10015: The dynamic memory balancer could not balance the system due to high memory pressure.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The dynamic memory balancer could not balance the system due to high memory pressure.

Message #

The dynamic memory balancer could not balance the system due to high memory pressure.

Event ID 10015: The dynamic memory balancer could not balance the system due to high memory pressure

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The dynamic memory balancer could not balance the system due to high memory pressure.

Event ID 10016: Smart Paging was active for the virtual machine 'Parameter0' more than Parameter2 seconds (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Smart Paging was active for the virtual machine 'Parameter0' more than Parameter2 seconds (Virtual machine ID Parameter1).

Message #

Smart Paging was active for the virtual machine '%1' more than %3 seconds (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 10016: Smart Paging was active for the virtual machine 'Parameter0' more than Parameter2 seconds (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Smart Paging was active for the virtual machine 'Parameter0' more than Parameter2 seconds (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 10017: The virtual machine 'Parameter0' stopped using Smart Paging after Parameter2 seconds (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The virtual machine 'Parameter0' stopped using Smart Paging after Parameter2 seconds (Virtual machine ID Parameter1).

Message #

The virtual machine '%1' stopped using Smart Paging after %3 seconds (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 10017: The virtual machine 'Parameter0' stopped using Smart Paging after Parameter2 seconds (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The virtual machine 'Parameter0' stopped using Smart Paging after Parameter2 seconds (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 10018: DM operation add for the virtual machine 'Parameter0' failed with error: Parameter2 (Parameter3) (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

DM operation add for the virtual machine 'Parameter0' failed with error: Parameter2 (Parameter3) (Virtual machine ID Parameter1).

Message #

DM operation add for the virtual machine '%1' failed with error: %3 (%4)  (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10018: DM operation add for the virtual machine 'Parameter0' failed with error: Parameter2 (Parameter3) (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

DM operation add for the virtual machine 'Parameter0' failed with error: Parameter2 (Parameter3) (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10019: DM operation remove for the virtual machine 'Parameter0' failed with error: Parameter2 (Parameter3) (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

DM operation remove for the virtual machine 'Parameter0' failed with error: Parameter2 (Parameter3) (Virtual machine ID Parameter1).

Message #

DM operation remove for the virtual machine '%1' failed with error: %3 (%4)  (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10019: DM operation remove for the virtual machine 'Parameter0' failed with error: Parameter2 (Parameter3) (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

DM operation remove for the virtual machine 'Parameter0' failed with error: Parameter2 (Parameter3) (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10020: The dynamic memory balancer could not add memory to the virtual machine 'Parameter0' because its configured maximum has been reached (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The dynamic memory balancer could not add memory to the virtual machine 'Parameter0' because its configured maximum has been reached (Virtual machine ID Parameter1).

Message #

The dynamic memory balancer could not add memory to the virtual machine '%1' because its configured maximum has been reached (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 10020: The dynamic memory balancer could not add memory to the virtual machine 'Parameter0' because its configured maximum has been reached (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The dynamic memory balancer could not add memory to the virtual machine 'Parameter0' because its configured maximum has been reached (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 10021: Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Message #

Failed to start the virtual machine '%1' (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10021: Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10022: The memory specified for the virtual machine cannot be supported by this host.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The memory specified for the virtual machine cannot be supported by this host. For instance, this can happen when the startup memory for the virtual machine exceeds the total memory on the host.

Message #

The memory specified for the virtual machine cannot be supported by this host. For instance, this can happen when the startup memory for the virtual machine exceeds the total memory on the host.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10022: The memory specified for the virtual machine cannot be supported by this host

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The memory specified for the virtual machine cannot be supported by this host. For instance, this can happen when the startup memory for the virtual machine exceeds the total memory on the host.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10023: The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Message #

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Event ID 10023: The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too low.

Event ID 10024: The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too high.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too high.

Message #

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too high.

Event ID 10024: The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too high

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The root memory reserve key (HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization\MemoryReserve) is set too high.

Event ID 10025: An invalid value is set for the DHMM policy.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

An invalid value is set for the DHMM policy.

Message #

An invalid value is set for the DHMM policy.

Event ID 10025: An invalid value is set for the DHMM policy

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

An invalid value is set for the DHMM policy.

Event ID 10026: An invalid value is set for the DHMM policy.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

An invalid value is set for the DHMM policy.

Message #

An invalid value is set for the DHMM policy.

Event ID 10026: An invalid value is set for the DHMM policy

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

An invalid value is set for the DHMM policy.

Event ID 10028: The virtual machine 'Parameter0' failed to start due to compute-less and resource-less NUMA node (NUMA node index Parameter2).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The virtual machine 'Parameter0' failed to start due to compute-less and resource-less NUMA node (NUMA node index Parameter2). (Virtual machine ID Parameter1).

Message #

The virtual machine '%1' failed to start due to compute-less and resource-less NUMA node (NUMA node index %3). (Virtual machine ID %2)

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 10028: The virtual machine 'Parameter0' failed to start due to compute-less and resource-less NUMA node (NUMA node index Parameter2)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The virtual machine 'Parameter0' failed to start due to compute-less and resource-less NUMA node (NUMA node index Parameter2). (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 10029: Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Message #

Failed to start the virtual machine '%1' (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 10029: Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 10030: The requested virtual NUMA node count for the virtual machine cannot be supported by this host.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The requested virtual NUMA node count for the virtual machine cannot be supported by this host.

Message #

The requested virtual NUMA node count for the virtual machine cannot be supported by this host.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10030: The requested virtual NUMA node count for the virtual machine cannot be supported by this host

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The requested virtual NUMA node count for the virtual machine cannot be supported by this host.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10031: Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Message #

Failed to start the virtual machine '%1' (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10031: Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to start the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString
`Parameter3` UnicodeString

Event ID 10032: Not all device specific physical NUMA nodes are assigned to the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Not all device specific physical NUMA nodes are assigned to the virtual machine 'Parameter0' (Virtual machine ID Parameter1). Try to use the server NUMA topology.

Message #

Not all device specific physical NUMA nodes are assigned to the virtual machine '%1' (Virtual machine ID %2). Try to use the server NUMA topology.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 10032: Not all device specific physical NUMA nodes are assigned to the virtual machine 'Parameter0' (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Not all device specific physical NUMA nodes are assigned to the virtual machine 'Parameter0' (Virtual machine ID Parameter1). Try to use the server NUMA topology.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 10033: NUMA node assignment is not optimal for the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

NUMA node assignment is not optimal for the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Message #

NUMA node assignment is not optimal for the virtual machine '%1' (Virtual machine ID %2).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 10033: NUMA node assignment is not optimal for the virtual machine 'Parameter0' (Virtual machine ID Parameter1)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

NUMA node assignment is not optimal for the virtual machine 'Parameter0' (Virtual machine ID Parameter1).

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 11000: The specified compute system configuration is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The specified compute system configuration is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Message #

The specified compute system configuration is invalid: %1 (%2, '%3').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11000: The specified compute system configuration is invalid: ErrorMessage (ErrorCode, 'Parameter0')

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The specified compute system configuration is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11001: The specified property query is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The specified property query is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Message #

The specified property query is invalid: %1 (%2, '%3').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11001: The specified property query is invalid: ErrorMessage (ErrorCode, 'Parameter0')

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The specified property query is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11002: The specified options document is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The specified options document is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Message #

The specified options document is invalid: %1 (%2, '%3').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11002: The specified options document is invalid: ErrorMessage (ErrorCode, 'Parameter0')

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The specified options document is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11003: The specified settings document is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The specified settings document is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Message #

The specified settings document is invalid: %1 (%2, '%3').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11003: The specified settings document is invalid: ErrorMessage (ErrorCode, 'Parameter0')

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The specified settings document is invalid: ErrorMessage (ErrorCode, 'Parameter0').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11004: Failed to recover compute system (SystemId): ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to recover compute system (SystemId): ErrorMessage (ErrorCode).

Message #

Failed to recover compute system (%1): %2 (%3).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 11004: Failed to recover compute system (SystemId): ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to recover compute system (): ().

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 11005: [SystemId] The specified settings document is invalid: A required field 'Parameter0' is not present.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

[SystemId] The specified settings document is invalid: A required field 'Parameter0' is not present.

Message #

[%1] The specified settings document is invalid: A required field '%4' is not present.

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11005: [SystemId] The specified settings document is invalid: A required field 'Parameter0' is not present

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] The specified settings document is invalid: A required field 'Parameter0' is not present.

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11006: [SystemId] The specified settings document is invalid: A field 'Parameter0' contains an invalid value.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

[SystemId] The specified settings document is invalid: A field 'Parameter0' contains an invalid value.

Message #

[%1] The specified settings document is invalid: A field '%4' contains an invalid value.

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11006: [SystemId] The specified settings document is invalid: A field 'Parameter0' contains an invalid value

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

[SystemId] The specified settings document is invalid: A field 'Parameter0' contains an invalid value.

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11007: The specified save options are invalid: ErrorMessage (ErrorCode, 'Parameter0').

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The specified save options are invalid: ErrorMessage (ErrorCode, 'Parameter0').

Message #

The specified save options are invalid: %1 (%2, '%3').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11007: The specified save options are invalid: ErrorMessage (ErrorCode, 'Parameter0')

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The specified save options are invalid: ErrorMessage (ErrorCode, 'Parameter0').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11008: Cannot create system 'VmlEventLog.SystemId' since Hyper-V is not installed on the host.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin
Level: Error

Description

Cannot create system 'VmlEventLog.SystemId' since Hyper-V is not installed on the host.

Message #

Cannot create system '%1' since Hyper-V is not installed on the host.

Fields #

Name	Description
`SystemId`
`ErrorMessage`
`ErrorCode`

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-Hyper-V-Compute",
    "guid": "17103E3F-3C6E-4677-BB17-3B267EB5BE57",
    "event_source_name": "",
    "event_id": 11008,
    "version": 0,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2023-11-05T23:41:09.198537+00:00",
    "event_record_id": 3,
    "correlation": {},
    "execution": {
      "process_id": 7344,
      "thread_id": 8756
    },
    "channel": "Microsoft-Windows-Hyper-V-Compute-Admin",
    "computer": "WinDev2310Eval",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "user_data": {
    "VmlEventLog": {
      "SystemId": "23A0322C-4270-471D-AD61-428A1A5BBF7D",
      "ErrorMessage": "%%2151088386",
      "ErrorCode": "0x80370102"
    }
  },
  "message": ""
}

References #

Example event sourced from https://github.com/NextronSystems/evtx-baseline

Event ID 11008: Cannot create system 'SystemId' since Hyper-V is not installed on the host

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Cannot create system 'SystemId' since Hyper-V is not installed on the host.

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 11009: A resource URI 'Parameter0' specified in the compute system configuration field 'Parameter1' was not found: ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

A resource URI 'Parameter0' specified in the compute system configuration field 'Parameter1' was not found: ErrorMessage (ErrorCode).

Message #

A resource URI '%3' specified in the compute system configuration field '%4' was not found: %1 (%2).

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 11009: A resource URI 'Parameter0' specified in the compute system configuration field 'Parameter1' was not found: ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

A resource URI 'Parameter0' specified in the compute system configuration field 'Parameter1' was not found: ErrorMessage (ErrorCode).

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString
`Parameter1` UnicodeString

Event ID 11500: The specified number of processors is not supported by the system (Parameter0).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The specified number of processors is not supported by the system (Parameter0).

Message #

The specified number of processors is not supported by the system (%3).

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 11500: The specified number of processors is not supported by the system (Parameter0)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The specified number of processors is not supported by the system ().

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 11501: The specified relative processor weight is out of valid range (Parameter0).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The specified relative processor weight is out of valid range (Parameter0).

Message #

The specified relative processor weight is out of valid range (%3).

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 11501: The specified relative processor weight is out of valid range (Parameter0)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The specified relative processor weight is out of valid range ().

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 11502: The specified limit for the processors usage is out of valid range (Parameter0).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The specified limit for the processors usage is out of valid range (Parameter0).

Message #

The specified limit for the processors usage is out of valid range (%3).

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 11502: The specified limit for the processors usage is out of valid range (Parameter0)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The specified limit for the processors usage is out of valid range ().

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 11503: The specified Storage Quality of Service settings are not supported on Data Volume 'Parameter0': ErrorMessage (ErrorCode) (Container ID SystemId).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The specified Storage Quality of Service settings are not supported on Data Volume 'Parameter0': ErrorMessage (ErrorCode) (Container ID SystemId).

Message #

The specified Storage Quality of Service settings are not supported on Data Volume '%4': %2 (%3) (Container ID %1)

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11503: The specified Storage Quality of Service settings are not supported on Data Volume 'Parameter0': ErrorMessage (ErrorCode) (Container ID SystemId)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The specified Storage Quality of Service settings are not supported on Data Volume 'Parameter0': ErrorMessage (ErrorCode) (Container ID SystemId).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11504: Storage Quality of Service has been applied to a Container and to one or mode Data Volumes that reside on the same disk.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Message #

Storage Quality of Service has been applied to a Container and to one or mode Data Volumes that reside on the same disk. Storage Quality of Service settings applied to this configuration may not be accurately enforced. Storage Quality of Service best practices recommend that Data Volumes reside on different disks than the Container components, including the Page File. (Container ID %1)

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 11504: Storage Quality of Service has been applied to a Container and to one or mode Data Volumes that reside on the same disk

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 11505: The specified memory amount is out of valid range (Parameter0).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The specified memory amount is out of valid range (Parameter0).

Message #

The specified memory amount is out of valid range (%3).

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 11505: The specified memory amount is out of valid range (Parameter0)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The specified memory amount is out of valid range ().

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 11506: The specified process parameters are invalid: ErrorMessage (ErrorCode, 'Parameter0').

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The specified process parameters are invalid: ErrorMessage (ErrorCode, 'Parameter0').

Message #

The specified process parameters are invalid: %1 (%2, '%3').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11506: The specified process parameters are invalid: ErrorMessage (ErrorCode, 'Parameter0')

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The specified process parameters are invalid: ErrorMessage (ErrorCode, 'Parameter0').

Fields #

Name	Description
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 11507: Failed to setup the external credentials for Container 'SystemId': ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to setup the external credentials for Container 'SystemId': ErrorMessage (ErrorCode).

Message #

Failed to setup the external credentials for Container '%1': %2 (%3).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 11507: Failed to setup the external credentials for Container 'SystemId': ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to setup the external credentials for Container 'SystemId': ErrorMessage (ErrorCode).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12000: Failed to create the Virtual Machine for Hyper-V Container 'SystemId': ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to create the Virtual Machine for Hyper-V Container 'SystemId': ErrorMessage (ErrorCode).

Message #

Failed to create the Virtual Machine for Hyper-V Container '%1': %2 (%3).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12000: Failed to create the Virtual Machine for Hyper-V Container 'SystemId': ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to create the Virtual Machine for Hyper-V Container 'SystemId': ErrorMessage (ErrorCode).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12001: Cannot start Hyper-V Container 'SystemId' since the hypervisor is not running in the host.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Cannot start Hyper-V Container 'SystemId' since the hypervisor is not running in the host.

Message #

Cannot start Hyper-V Container '%1' since the hypervisor is not running in the host.

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12001: Cannot start Hyper-V Container 'SystemId' since the hypervisor is not running in the host

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Cannot start Hyper-V Container 'SystemId' since the hypervisor is not running in the host.

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12002: Failed to create the Virtual Machine for Hyper-V Container template 'SystemId': ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to create the Virtual Machine for Hyper-V Container template 'SystemId': ErrorMessage (ErrorCode).

Message #

Failed to create the Virtual Machine for Hyper-V Container template '%1': %2 (%3).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12002: Failed to create the Virtual Machine for Hyper-V Container template 'SystemId': ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to create the Virtual Machine for Hyper-V Container template 'SystemId': ErrorMessage (ErrorCode).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12003: Cannot create a template for a Hyper-V Container, reached the maximum number of templates.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Cannot create a template for a Hyper-V Container, reached the maximum number of templates.

Message #

Cannot create a template for a Hyper-V Container, reached the maximum number of templates.

Event ID 12003: Cannot create a template for a Hyper-V Container, reached the maximum number of templates

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Cannot create a template for a Hyper-V Container, reached the maximum number of templates.

Event ID 12004: Failed to setup the template for a Hyper-V Container: ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to setup the template for a Hyper-V Container: ErrorMessage (ErrorCode).

Message #

Failed to setup the template for a Hyper-V Container: %2 (%3).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12004: Failed to setup the template for a Hyper-V Container: ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to setup the template for a Hyper-V Container: ().

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12005: Failed to setup Windows Defender for Container 'SystemId', Windows Defender is not available on the host.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to setup Windows Defender for Container 'SystemId', Windows Defender is not available on the host.

Message #

Failed to setup Windows Defender for Container '%1', Windows Defender is not available on the host.

Fields #

Name	Description
`SystemId` UnicodeString

Event ID 12005: Failed to setup Windows Defender for Container 'SystemId', Windows Defender is not available on the host

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to setup Windows Defender for Container 'SystemId', Windows Defender is not available on the host.

Fields #

Name	Description
`SystemId` UnicodeString

Event ID 12006: The Hyper-V Container 'SystemId' encountered a protocol error and was terminated.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The Hyper-V Container 'SystemId' encountered a protocol error and was terminated. An unexpected notification (Parameter0) was received.

Message #

The Hyper-V Container '%1' encountered a protocol error and was terminated. An unexpected notification (%4) was received.

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 12006: The Hyper-V Container 'SystemId' encountered a protocol error and was terminated

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The Hyper-V Container 'SystemId' encountered a protocol error and was terminated. An unexpected notification (Parameter0) was received.

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 12100: Failed to create network endpoint for Container 'SystemId': ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to create network endpoint for Container 'SystemId': ErrorMessage (ErrorCode).

Message #

Failed to create network endpoint for Container '%1': %2 (%3).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12100: Failed to create network endpoint for Container 'SystemId': ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to create network endpoint for Container 'SystemId': ErrorMessage (ErrorCode).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12101: Failed to delete network endpoint for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to delete network endpoint for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Message #

Failed to delete network endpoint for Container '%1', network endpoint ID '%4': %2 (%3).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Event ID 12101: Failed to delete network endpoint for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to delete network endpoint for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Event ID 12102: Failed to attach network endpoint to Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to attach network endpoint to Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Message #

Failed to attach network endpoint to Container '%1', network endpoint ID '%4': %2 (%3).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Event ID 12102: Failed to attach network endpoint to Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to attach network endpoint to Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Event ID 12103: Failed to detach network endpoint from Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to detach network endpoint from Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Message #

Failed to detach network endpoint from Container '%1', network endpoint ID '%4': %2 (%3).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Event ID 12103: Failed to detach network endpoint from Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to detach network endpoint from Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Event ID 12104: Failed to query network endpoint properties for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to query network endpoint properties for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Message #

Failed to query network endpoint properties for Container '%1', network endpoint ID '%4': %2 (%3).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Event ID 12104: Failed to query network endpoint properties for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to query network endpoint properties for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Event ID 12105: Failed to create network adapter for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Failed to create network adapter for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Message #

Failed to create network adapter for Container '%1', network endpoint ID '%4': %2 (%3).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Event ID 12105: Failed to create network adapter for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Failed to create network adapter for Container 'SystemId', network endpoint ID 'Parameter0': ErrorMessage (ErrorCode).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Event ID 12106: Cannot perform the operation for compute system 'SystemId' as that system has one or more devices assigned to it;: ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Cannot perform the operation for compute system 'SystemId' as that system has one or more devices assigned to it;: ErrorMessage (ErrorCode).

Message #

Cannot perform the operation for compute system '%1' as that system has one or more devices assigned to it;: %2 (%3)

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12106: Cannot perform the operation for compute system 'SystemId' as that system has one or more devices assigned to it;: ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Cannot perform the operation for compute system 'SystemId' as that system has one or more devices assigned to it;: ErrorMessage (ErrorCode).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12107: Cannot perform the operation for compute system 'SystemId' because it is assigned one or more GPU partitions;: ErrorMessage (ErrorCode).

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Cannot perform the operation for compute system 'SystemId' because it is assigned one or more GPU partitions;: ErrorMessage (ErrorCode).

Message #

Cannot perform the operation for compute system '%1' because it is assigned one or more GPU partitions;: %2 (%3)

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 12107: Cannot perform the operation for compute system 'SystemId' because it is assigned one or more GPU partitions;: ErrorMessage (ErrorCode)

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Cannot perform the operation for compute system 'SystemId' because it is assigned one or more GPU partitions;: ErrorMessage (ErrorCode).

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 40012: Memory weight above maximum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory weight above maximum.

Message #

Memory weight above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40012: Memory weight above maximum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory weight above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40014: Memory virtual quantity above maximum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory virtual quantity above maximum.

Message #

Memory virtual quantity above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40014: Memory virtual quantity above maximum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory virtual quantity above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40016: Memory virtual quantity below minimum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory virtual quantity below minimum.

Message #

Memory virtual quantity below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40016: Memory virtual quantity below minimum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory virtual quantity below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40018: Memory virtual quantity not properly aligned.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory virtual quantity not properly aligned.

Message #

Memory virtual quantity not properly aligned.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40018: Memory virtual quantity not properly aligned

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory virtual quantity not properly aligned.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40020: Memory virtual quantity above limit.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory virtual quantity above limit.

Message #

Memory virtual quantity above limit.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40020: Memory virtual quantity above limit

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory virtual quantity above limit.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40022: Memory virtual quantity below reservation.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory virtual quantity below reservation.

Message #

Memory virtual quantity below reservation.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40022: Memory virtual quantity below reservation

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory virtual quantity below reservation.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40024: Memory limit above maximum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory limit above maximum.

Message #

Memory limit above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40024: Memory limit above maximum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory limit above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40026: Memory limit below minimum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory limit below minimum.

Message #

Memory limit below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40026: Memory limit below minimum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory limit below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40028: Memory limit not properly aligned.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory limit not properly aligned.

Message #

Memory limit not properly aligned.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40028: Memory limit not properly aligned

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory limit not properly aligned.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40030: Memory reservation above maximum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory reservation above maximum.

Message #

Memory reservation above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40030: Memory reservation above maximum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory reservation above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40032: Memory reservation below minimum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory reservation below minimum.

Message #

Memory reservation below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40032: Memory reservation below minimum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory reservation below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40034: Memory reservation not properly aligned.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory reservation not properly aligned.

Message #

Memory reservation not properly aligned.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40034: Memory reservation not properly aligned

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory reservation not properly aligned.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40036: Memory target memory buffer above maximum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory target memory buffer above maximum.

Message #

Memory target memory buffer above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40036: Memory target memory buffer above maximum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory target memory buffer above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40038: Memory target memory buffer below minimum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory target memory buffer below minimum.

Message #

Memory target memory buffer below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40038: Memory target memory buffer below minimum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory target memory buffer below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40048: Invalid memory alignment.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Invalid memory alignment.

Message #

Invalid memory alignment.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40048: Invalid memory alignment

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Invalid memory alignment.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40050: The version of the virtual machine is not compatible with the alignment.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The version of the virtual machine is not compatible with the alignment.

Message #

The version of the virtual machine is not compatible with the alignment.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40050: The version of the virtual machine is not compatible with the alignment

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The version of the virtual machine is not compatible with the alignment.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40052: Memory weight is below minimum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory weight is below minimum.

Message #

Memory weight is below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40052: Memory weight is below minimum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory weight is below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40054: The version or generation of the virtual machine is not compatible with SGX.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

The version or generation of the virtual machine is not compatible with SGX.

Message #

The version or generation of the virtual machine is not compatible with SGX.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40054: The version or generation of the virtual machine is not compatible with SGX

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

The version or generation of the virtual machine is not compatible with SGX.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40056: SGX launch control mode is invalid.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

SGX launch control mode is invalid.

Message #

SGX launch control mode is invalid.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40056: SGX launch control mode is invalid

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

SGX launch control mode is invalid.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40058: Default SGX launch control MSR string is invalid.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Default SGX launch control MSR string is invalid.

Message #

Default SGX launch control MSR string is invalid.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40058: Default SGX launch control MSR string is invalid

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Default SGX launch control MSR string is invalid.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40060: Memory per virtual NUMA node is above maximum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory per virtual NUMA node is above maximum.

Message #

Memory per virtual NUMA node is above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40060: Memory per virtual NUMA node is above maximum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory per virtual NUMA node is above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40062: Memory per virtual NUMA node is below minimum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory per virtual NUMA node is below minimum.

Message #

Memory per virtual NUMA node is below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40062: Memory per virtual NUMA node is below minimum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory per virtual NUMA node is below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40064: Memory per virtual NUMA node is not properly aligned.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Memory per virtual NUMA node is not properly aligned.

Message #

Memory per virtual NUMA node is not properly aligned.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40064: Memory per virtual NUMA node is not properly aligned

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Memory per virtual NUMA node is not properly aligned.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40066: SGX memory is above maximum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

SGX memory is above maximum.

Message #

SGX memory is above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40066: SGX memory is above maximum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

SGX memory is above maximum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40068: SGX memory is below minimum.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

SGX memory is below minimum.

Message #

SGX memory is below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40068: SGX memory is below minimum

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

SGX memory is below minimum.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40070: SGX memory is not porperly aligned.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

SGX memory is not porperly aligned.

Message #

SGX memory is not porperly aligned.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40070: SGX memory is not porperly aligned

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

SGX memory is not porperly aligned.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40072: Pool id specified is unknown.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Description

Pool id specified is unknown.

Message #

Pool id specified is unknown.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 40072: Pool id specified is unknown

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Description

Pool id specified is unknown.

Fields #

Name	Description
`Parameter0` UnicodeString
`Parameter1` UnicodeString
`Parameter2` UnicodeString

Event ID 65526: SystemId|ErrorMessage|ErrorCode.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Message #

%1|%2|%3

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` Int32
`ErrorCode` UnicodeString

Event ID 65527: %.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Message #

%%%1|%2|%3

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 65528: SystemId|ErrorMessage|ErrorCode.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Message #

%1|%2|%3

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 65529: task_065529

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Event ID 65530: --

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Message #

--

Event ID 65530: --

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Event ID 65531: Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Message #

%1

Fields #

Name	Description
`Parameter0` UnicodeString

Event ID 65531

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`Parameter0` UnicodeString

Event ID 65532: SystemId|ErrorMessage|ErrorCode.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Message #

%1|%2|%3

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 65532: SystemId|ErrorMessage|

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString

Event ID 65533: SystemId|ErrorMessage|ErrorCode|Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Message #

%1|%2|%3|%4

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 65533: SystemId|ErrorMessage|ErrorCode|

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` UnicodeString

Event ID 65534: SystemId|ErrorMessage|ErrorCode|Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Message #

%1|%2|%3|%4

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 65534: SystemId|ErrorMessage|ErrorCode|

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` Int64

Event ID 65535: SystemId|ErrorMessage|ErrorCode|Parameter0.

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Microsoft-Windows-Hyper-V-Compute-Admin

Message #

%1|%2|%3|%4

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Event ID 65535: SystemId|ErrorMessage|ErrorCode|

Provider: Microsoft-Windows-Hyper-V-Compute
Channel: Operational

Fields #

Name	Description
`SystemId` UnicodeString
`ErrorMessage` UnicodeString
`ErrorCode` UnicodeString
`Parameter0` GUID

Provenance

Where this provider's schema came from, and which Windows build it was observed on. Windows can change a provider's event schema between builds, so use this to judge whether it matches the build you collect from.

ETW provider GUID 17103e3f-3c6e-4677-bb17-3b267eb5be57

Defined in vmcomputeeventlog.dll, which carries the event manifest.

Observed on:

Win11-26200.6584, schema read from the registered manifest, binary version 10.0.26100.1, captured 2026-06-02

Downloads

Microsoft-Windows-Hyper-V-Compute registered manifest XML (in the Win11-26200.6584 manifest pack, 2.0 MB) manifest-xml

`j` / `k`	Scroll down / up
`d` / `u`	Half-page down / up
`gg` / `G`	Top / bottom
`h` / `l`	History back / forward
`f`	Follow link (`Shift` = new tab)
`/`	Focus search
`?`	Toggle this help
`↑` / `↓`	Navigate search results
`Enter`	Open highlighted result
`Esc`	Close results / dialog

`type:`	`events` / `rules` / `providers`
`vendor:`	`sigma` / `elastic` / `splunk` / `kusto` / `chronicle` (vendor name alone also works: `sigma:`, `kql:`, `secops:`…)
`tactic:`	TA-id, slug, or name: `credential_access`, `TA0006`
`technique:`	technique or sub-technique ID: `T1003`, `T1003.001` (alias `tech:`)
`severity:`	`critical` / `high` / `medium` / `low` / `informational` (alias `sev:`)
`risk_score`	Numeric comparison on the Elastic risk score (0 to 100): `risk_score>50`, `risk_score<=20`, `risk_score=99` (alias `risk`; Elastic rules only)
`stages:`	Rules with exactly N pipeline stages
`correlation:`	`single_event` / `sequence` / `alternatives` / `alternatives_cross_log` / `all_required` / `correlated`
`with:`	Co-occurrence event-id; stacks (`with:4624 with:4769`) to require all, while a comma list in one occurrence (`with:4624,4769`) is an either-or group. Implies multi-event
`like:`	Structural neighbors of a rule slug (equivalents + subsumption stricter / broader): `like:comsvcs_lsass_memory_dump-splunk-sysmon`
`groupby:`	Entity-grouping substring match against `group_by_keys`: `groupby:user`, `groupby:host`
`uses:`	Rules whose predicate tree touches the field (any kind, any value): `uses:CommandLine`
`excludes:`	Rules with top-level `not()` clauses on the field (FP whitelists): `excludes:ParentImage`
`field:` / `value:`	Predicate search; narrows rule cards to those with a matching leaf and drives the indicator tier. Unquoted = substring, wildcards allowed (`value:mimikatz`)
`indicator:`	Shorthand for `field:F value:V`: `indicator:Image=*\powershell.exe`
`kind:`	Filter by predicate kind. Narrows rule cards to those carrying a matching predicate leaf (`vendor:elastic kind:cidr_match`) and drives the indicator tier: `contains` / `starts_with` / `ends_with` / `regex` / `cidr` / `eq` / `in` … (operator aliases `op:`/`match:`)
`has:` / `no:`	`sample`, `field`, `notes`, `refs`, `trace`, `thirdparty`, `rule`, `pattern`, `timewindow`, `threshold`, `newterms`, `sigma`/`elastic`/`splunk`/`kusto`/`chronicle`
`-op:val`	Exclude matches; works on most operators but not `type:`/`like:`/`has:`/`no:` (use `no:<flag>` to exclude a rule flag): `tactic:execution -vendor:splunk`. Standalone `-kind:`/`-field:`/`-value:` drop every rule carrying a matching predicate leaf (`type:rules -kind:is_null`)
`field:"…"` / `value:"…"`	Quoted value = anchored exact match (also allows spaces): `value:"net user"`
`a,b`	Comma = OR inside one operator (`vendor:sigma,elastic`, `severity:high,critical`); repeating a facet merges the same way. `field:`/`value:` never split (literal commas)
`vendors:` / `stage:`	Singular and plural spellings fold to the canonical operator and value: `tactics:` = `tactic:`, `type:event` = `type:events`, `correlation:sequences` = `correlation:sequence`, `has:thresholds` = `has:threshold`
`"quoted phrase"`	Exact-match a multi-word phrase (free text)