We're now a non-profit! Support open source packet analysis by making a donation.
Wireshark logo

Display Filter Reference: ETW WFP Capture

Protocol field name: etw.wfp_capture

Versions: 2.6.0 to 4.0.8

Back to Display Filter Reference

Field name Description Type Versions
etw.wfp_capture.calloutCalloutUnsigned integer (32 bits)2.6.0 to 4.0.8
etw.wfp_capture.callout_error_messageDriver NameCharacter string2.6.0 to 4.0.8
etw.wfp_capture.driver_error_messageDriver NameCharacter string2.6.0 to 4.0.8
etw.wfp_capture.driver_nameDriver NameCharacter string2.6.0 to 4.0.8
etw.wfp_capture.event_idEvent IDUnsigned integer (32 bits)2.6.0 to 4.0.8
etw.wfp_capture.filter_idFilter IDUnsigned integer (64 bits)2.6.0 to 4.0.8
etw.wfp_capture.filter_weightFilter WeightUnsigned integer (64 bits)2.6.0 to 4.0.8
etw.wfp_capture.major_versionMajor VersionUnsigned integer (16 bits)2.6.0 to 4.0.8
etw.wfp_capture.minor_versionMinor VersionUnsigned integer (16 bits)2.6.0 to 4.0.8
etw.wfp_capture.nt_statusNT StatusUnsigned integer (32 bits)2.6.0 to 4.0.8

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube