Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Type: Success Audit|
The following policy was active when the Windows Firewall started.
Group Policy applied: No
Profile used: Standard
Interface: All interfaces
Operational mode: On
File and Printer Sharing: Enabled
Remote Desktop: Disabled
UPnP Framework: Disabled
Allow remote administration: Disabled
Allow unicast responses to multicast/broadcast traffic: Disabled
Log dropped packets: Disabled
Log successful connections Disabled
Allow incoming echo request: Enabled
Allow incoming timestamp request: Disabled
Allow incoming mask request: Disabled
Allow incoming router request: Disabled
Allow outgoing destination unreachable: Disabled
Allow outgoing source quench: Disabled
Allow outgoing parameter problem: Disabled
Allow outgoing time exceeded: Disabled
Allow redirect: Disabled
Allow outgoing packet too big: Disabled
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
|English: Request a translation of the event description in plain English.|
This message is recorded by Windows XP SP2 at startup indicating the policy that will be used by the embedded firewall. The settings that will be used are displayed in the event description. The Windows Firewall can be configured using the Local Area Connection applet, Advanced tab.
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated