Event ID: 4944
The following policy was active when the Windows Firewall startedThe following policy was active when the Windows Firewall started. Group Policy Applied: %1 Profile Used: %2 Operational mode: %3 Allow Remote Administration: %4 Allow Unicast Responses to Multicast/Broadcast Traffic: %5 Security Logging: Log Dropped Packets: %6 Log Successful Connections: %7
This event generates every time Windows Firewall service starts.
This event shows Windows Firewall settings that were in effect when the Windows Firewall service started.
Lookup Audit Policy Configuration Settings
C:\> AuditPol.exe /get /subcategory:"MPSSVC Rule-Level Policy Change"
Operating Systems:
Windows Vista Windows 2008 Windows 2008 R2 Windows 7 Windows 2012 Windows 2012 R2 Windows 8 Windows 8.1 Windows 10 Windows 2016 Windows 2019Tags:
Audit SuccessLEFT/RIGHT arrow keys for navigation
Back to List