Windows Firewall - How to add

Enable Windows Firewall Logs

To monitor the Windows Firewall logs, you need to initially add the Windows host from which the Firewall logs are to be collected.

For EventLog Analyzer to collect Windows Firewall logs, follow the below procedure to enable Windows Firewall logging

1. Open your Event Viewer.

2. Go to Application and Service Logs > Microsoft > Windows > Windows Firewall With Advance Security > Firewall

3. Right Click in Firewall and select 'Enable Log'

This will enable the logging for Windows Firewall and the logs will be available under Event Viewer.

To perform search and generate report out of these logs,carry out the following registry configuration

1. Open your registry editor, 'regedit' of your Windows host in Command Line window

2. Navigate to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog

3. Right click on 'eventlog' and create a new key as Microsoft Windows - Windows Firewall With Advanced Security/Firewall