MSFT_MpEvent class
Windows Defender Event Indication Class
The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties.
Syntax
class MSFT_MpEvent
{
uint32 CategoryDiscriminant;
uint32 ScanNotificationsValue;
uint32 ThreatNotificationsValue;
uint32 SignatureNotificationsValue;
uint32 ComputerNotificationsValue;
DateTime NotificationTime;
uint32 AdditionalData;
};
Members
The MSFT_MpEvent class has these types of members:
Properties
The MSFT_MpEvent class has these properties.
-
AdditionalData
-
-
Data type: uint32
-
Access type: Read-only
Additional Data. At the moment, the only use is when the CategoryDiscriminant is equal to ThreatStateNotificationsthen this value will contains the ThreatID
-
-
CategoryDiscriminant
-
-
Data type: uint32
-
Access type: Read-only
Category of Notification.
-
-
ComputerNotificationsValue
-
-
Data type: uint32
-
Access type: Read-only
Detailed Computer Notifications.
-
-
NotificationTime
-
-
Data type: DateTime
-
Access type: Read-only
Date and time the WMI Event was generated
-
-
ScanNotificationsValue
-
-
Data type: uint32
-
Access type: Read-only
Detailed Scan Notifications.
-
-
SignatureNotificationsValue
-
-
Data type: uint32
-
Access type: Read-only
Detailed Signature Notifications.
-
-
ThreatNotificationsValue
-
-
Data type: uint32
-
Access type: Read-only
Detailed Threat Notifications.
-
Requirements
| Minimum supported client |
Windows 8.1 [desktop apps only] |
| Minimum supported server |
Windows Server 2012 R2 [desktop apps only] |
| Namespace |
Root\Microsoft\Windows\Defender |
| MOF |
|
| DLL |
|