[Bug]: Convert-EventLogRecord Fails to Parse Bits-Client XML due to Id value

[cutaway]

Describe the problem

The EventData in the Bits-Client log contains a field named 'Id' (note lowercase d). When processing the log's message a new key is created for the 'Id' field but the dictionary already contains an 'ID' field for the event's Event ID. This results in an error message for each of the Bits Event Log messages.

Expectation

The EventData 'Id' field should not cause an issue and the event data should be parsed correctly.

Additional Information

The following output has been modified slightly to obfuscate the information.

PS Client-Win10 [12/13/2023 17:42:19]> Get-WinEvent -FilterHashtable @{ LogName='Microsoft-Windows-Bits-Client/Operational'; Id='59'} -MaxEvents 1 | Format-List TimeCreated,Message,EventData

TimeCreated : 12/13/2023 01:33:18 PM
Message     : BITS started the NucleusUpdateRingConfigJSON transfer job that is associated with the
              https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=xxxxxxxxxxxxxxxxxxxxxxxxxxx URL.

PS Client-Win10 [12/13/2023 17:43:33]> Get-WinEvent -FilterHashtable @{  LogName='Microsoft-Windows-Bits-Client/Operational'; Id='59' } -MaxEvents 1 | Convert-EventLogRecord
Exception calling "Add" with "2" argument(s): "Item has already been added. Key in dictionary: 'ID'  Key
being added: 'Id'"
At C:\Program
Files\WindowsPowerShell\Modules\PSScriptTools\2.48.0\functions\Convert-EventLogRecord.ps1:61 char:25
+                         $h.add($name, $Value)
+                         ~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : ArgumentException



LogName                  : Microsoft-Windows-Bits-Client/Operational
RecordType               : Information
TimeCreated              : 12/13/2023 01:33:18 PM
ID                       : 59
transferId               : {4081xxxx-xxxx-xxxx-xxxx-xxxx42faf2b8}
name                     : NucleusUpdateRingConfigJSON
url                      : https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=xxxxxxxxxxxxxxxxxxxxxxxxxxx 
                           
peer                     :
fileTime                 : 2023-12-13T19:30:23.0000000Z
fileLength               : 75675
bytesTotal               : 75675
bytesTransferred         : 0
bytesTransferredFromPeer : 0
Message                  : BITS started the NucleusUpdateRingConfigJSON transfer job that is associated
                           with the https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=xxxxxxxxxxxxxxxxxxxxxxxxxxx URL.
Keywords                 : {}
Source                   : Microsoft-Windows-Bits-Client
Computername             : client-win10

PowerShell version

5.1

Platform

Windows 10 Pro or Enterprise

Additional Checks

• You are using the latest version of this module.
• You have read this repository's README file.
• You have read full help and examples for the command you are having problems with.
• You are running PowerShell in an elevated session.
• You are running in a traditional PowerShell console or Windows Terminal

[jdhitsolutions]

I will have to dig into this.

[jdhitsolutions]

This should be fixed in v2.49.0 if you want to update and test.