1
_time
3
ActionName
5
ActivityID
7
Channel
9
Computer
11
EnginePID
13
Error_Code
15
EventCode
17
EventData_Xml
19
EventID
21
EventRecordID
23
Guid
25
Keywords
27
Level
29
Name
31
Opcode
33
ProcessID
35
RecordNumber
37
SystemTime
39
System_Props_Xml
41
Task
43
TaskInstanceId
45
TaskName
47
ThreadID
49
UserID
51
Version
53
app
55
date_hour
57
date_mday
59
date_minute
61
date_month
63
date_second
65
date_wday
67
date_year
69
date_zone
71
dest
73
dvc
75
dvc_nt_host
77
event_id
79
eventtype
81
host
83
id
85
index
87
linecount
89
product
91
punct
93
signature_id
95
source
97
sourcetype
99
splunk_server
101
ta_windows_action
103
tag
105
tag::eventtype
107
timeendpos
109
timestartpos
111
user_id
113
vendor
115
vendor_product
117
not set