Analyzing PowerShell logs in Splunk

quangnm21
Explorer

Hello everyone. I'm currently working on a lab assignment and I'm having trouble understanding the meaning of two specific fields in PowerShell log hunting. Could someone please explain these two fields to me? I would greatly appreciate it. Thank you.



_JP
Contributor

I don't know PowerShell logs... but in a situation like this I would set the Selected to Yes for the fields you're trying to figure out. Based on your screenshots, those fields appear for 100% of your events. When you set that to Yes, you will see the field & value appear with each event in your results. Then you can try and match up what the value is with the text that's there in the event.

But - also keep in mind there could be calculated events, too. For example, MessageTotal might be the # of bytes in the event, and won't actually appear within the data. Having them displayed with each event will help you deduce what they might represent, though - if MessageTotal was 1 for a whole bunch of 1-byte events, then you know your answer.

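The manual check _JP describes (show the field beside each event, see whether its value occurs in the event text, and if not test a guessed calculation such as "byte count" against every event) can be automated over a few sample events. The script below is an added example written for this thread, not code from the thread or from Splunk: the events, the all-zero placeholder ScriptBlock IDs, the hypothetical `event_size` field and the hypothesis table are all constructed for the demonstration.

```python
"""Decide whether a Splunk field is extracted from the raw event or calculated.

Added example: automates the check suggested in the answer above. For each
field it reports (1) in how many events the value appears verbatim in _raw
and (2) which simple calculations over _raw reproduce the value in every
event. All events and field values below are constructed for the example.
"""
import re
from typing import Callable, Dict, List


def _event(raw: str, **fields: str) -> Dict[str, str]:
    """Build one event as Splunk shows it once a field's Selected switch is Yes.

    `event_size` is a constructed, calculated field: it is derived from the
    raw text and never appears inside it (the kind of field the "# of bytes"
    guess in the answer describes).
    """
    return {"_raw": raw, "event_size": str(len(raw.encode("utf-8"))), **fields}


# Constructed sample events shaped like PowerShell script block log text.
# The ScriptBlock IDs are placeholders, not real values.
SAMPLE_EVENTS: List[Dict[str, str]] = [
    _event(
        "Creating Scriptblock text (1 of 1):\n"
        "Get-Process | Where-Object CPU -gt 100\n\n"
        "ScriptBlock ID: 00000000-0000-0000-0000-000000000001\n"
        "Path: C:\\lab\\demo1.ps1",
        MessageTotal="1",
        Path="C:\\lab\\demo1.ps1",
    ),
    _event(
        "Creating Scriptblock text (1 of 2):\n"
        "Get-ChildItem C:\\lab -Recurse | Measure-Object\n\n"
        "ScriptBlock ID: 00000000-0000-0000-0000-000000000002\n"
        "Path: C:\\lab\\demo2.ps1",
        MessageTotal="2",
        Path="C:\\lab\\demo2.ps1",
    ),
    _event(
        "Creating Scriptblock text (2 of 2):\n"
        "Write-Output 'done'\n\n"
        "ScriptBlock ID: 00000000-0000-0000-0000-000000000002\n"
        "Path: C:\\lab\\demo3.ps1",
        MessageTotal="2",
        Path="C:\\lab\\demo3.ps1",
    ),
]

# Candidate explanations for a calculated field. Each takes the raw event
# text and returns the string value the field would have if the guess holds.
HYPOTHESES: Dict[str, Callable[[str], str]] = {
    "byte length of _raw": lambda raw: str(len(raw.encode("utf-8"))),
    "line count of _raw": lambda raw: str(raw.count("\n") + 1),
}


def value_in_raw(raw: str, value: str) -> bool:
    """True if `value` occurs in `raw` as a whole token.

    A bare "1" must not match the "1" inside "demo12.ps1" or "100", so the
    match is fenced off from adjacent word characters, dots and backslashes.
    """
    pattern = r"(?<![\w.\\])" + re.escape(value) + r"(?![\w.])"
    return re.search(pattern, raw) is not None


def classify_field(events: List[Dict[str, str]], field: str) -> Dict[str, object]:
    """Summarise where a field's values come from across the given events."""
    present = [e for e in events if field in e]
    coverage = len(present) / len(events) if events else 0.0
    literal_hits = sum(value_in_raw(e["_raw"], e[field]) for e in present)
    matching = [
        name for name, calc in HYPOTHESES.items()
        if present and all(calc(e["_raw"]) == e[field] for e in present)
    ]
    if present and literal_hits == len(present):
        verdict = "extracted from raw text"
    elif matching:
        verdict = "calculated"
    else:
        verdict = "unknown"
    return {
        "field": field,
        "coverage": coverage,                # fraction of events carrying the field
        "events_with_field": len(present),
        "literal_hits": literal_hits,        # events where the value is in _raw
        "matching_hypotheses": matching,     # calculations that fit every event
        "verdict": verdict,
    }


if __name__ == "__main__":
    for name in ("MessageTotal", "Path", "event_size"):
        print(classify_field(SAMPLE_EVENTS, name))
```

Run as is, `MessageTotal` and `Path` come out as extracted (their values sit in the text of every event, which is where to look next to learn what they mean), while the constructed `event_size` matches no event text but fits the "byte length" hypothesis in all three events. A single coincidental match proves little; the verdict only means something when it holds across the whole sample, which is why the checks run over every event rather than one.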
quangnm21
Explorer

Thank you very much for this suggestion.
