Parse SRUM Network Usage

Overview

Evidence: Parse SRUM Network Usage
Description: Parse System Resource Usage Monitor (SRUM) Network Data Usage.
Category:
Platform: windows
Short Name: srumnetparse
Is Parsed: No
Sent to Investigation Hub: Yes
Collect File(s): No

Data Collected

This collector gathers structured data on network data usage parsed from the System Resource Usage Monitor (SRUM) database.

Parse SRUM Network Usage Data

| Field | Description | Example |
| --- | --- | --- |
| AutoIncId | Auto-increment ID from SRUM database | 123 |
| Timestamp | Timestamp | 2023-10-15 14:30:25 |
| ApplicationName | Application Name | Example Name |
| UserSid | Windows SID in S-1-5-... format (from SRUM IdMapTable) | S-1-5-21-... |
| UserName | Resolved username via Windows API (LookupAccountSidW) | Example Name |
| InterfaceLuid | LUID identifier | 123 |
| L2ProfileId | L2 Profile Id | 123 |
| L2ProfileFlags | L2 Profile Flags | 123 |
| BytesSent | Bytes Sent | 1024 |
| BytesRecvd | Bytes Recvd | 1024 |
