Event ID 5440

The following callout was present when the Windows Filtering Platform Base Filtering Engine started.

The following callout was present when the Windows Filtering Platform Base Filtering Engine started.

Provider Information:   
    ID:     %1
    Name:       %2

Callout Information:
    ID:     %3
    Name:       %4
    Type:       %5
    Run-Time ID:    %6

Layer Information:
    ID:     %7
    Name:       %8
    Run-Time ID:    %9

Lookup Audit Policy Configuration Settings


  C:\> AuditPol.exe /get  /subcategory:"Filtering Platform Policy Change"

How to enable Windows Auditing

Recommended Audit Policy

Operating Systems:

Windows Vista Windows 2008 Windows 2008 R2 Windows 7 Windows 2012 Windows 2012 R2 Windows 8 Windows 8.1 Windows 10 Windows 2016 Windows 2019 Windows 11 Windows 2022

Audit Category:

Policy Change

Audit Subcategory:

Filtering Platform Policy Change

LEFT/RIGHT arrow keys for navigation

Back to List