DateTime
|
Date/Time of event origination in GMT format.
|
DateTime
|
10.10.2000 19:00:00
|
Source
|
Name of an Application or System Service originating the event.
|
Source
|
Security
|
Type
|
Warning, Information, Error, Success, Failure, etc.
|
Type
|
Success
|
User
|
Domain\Account name of user/service/computer initiating event.
|
User
|
RESEARCH\Alebovsky
|
Computer
|
Name of server workstation where event was logged.
|
Computer
|
DC1
|
EventID
|
Numerical ID of event. Unique within one Event Source.
|
EventId
|
576
|
Description
|
The entire unparsed event message.
|
Description
|
Special privileges assigned to new logon.
|
Log Name
|
The name of the event log (e.g. Application, Security, System, etc.)
|
LogName
|
Security
|
Category
|
A name for a subclass of events within the same Event Source.
|
Category
|
Logon/Logoff
|
Policy origin
|
Indicates whether Windows Firewall was getting its settings from Group Policy or the system's local policy.
|
InsertionString1
|
Local Policy
|
Profile changed
|
Standard or Domain. Domain profile is applied when the computer is on its "home" network, Standard profile is applied when the computer is not connected to its "home" network, e.g. out travelling and connected to public internet via Wi-Fi.
|
InsertionString2
|
Standard
|
Interface
|
Displays Network Interface Cards this firewall setting is configured for.
|
InsertionString3
|
All interfaces
|
Change type
|
Type of change to the exception list: exception added, removed, or modified
|
InsertionString4
|
Modify
|
New Name
|
New value for the service name corresponding to the port changed
|
InsertionString5
|
NetBIOS Name Service
|
New Port number
|
New value for the port number through which traffic is allowed
|
InsertionString6
|
137
|
New Protocol
|
New value for the protocol type (UDP or TCP) via which traffic is allowed
|
InsertionString7
|
UDP
|
New State
|
New value for the state of the exception rule: Enabled or Disabled
|
InsertionString8
|
Enabled
|
New Scope
|
New value for the scope of the exception rule: IP address or subnet mask to which the rule applies
|
InsertionString9
|
Local subnet only
|
Old Name
|
Old value for the service name corresponding to the port changed
|
InsertionString10
|
NetBIOS Name Service
|
Old Port number
|
Old value for the port number through which traffic is allowed
|
InsertionString11
|
137
|
Old Protocol
|
Old value for the protocol type (UDP or TCP) via which traffic is allowed
|
InsertionString12
|
UDP
|
Old State
|
Old value for the state of the exception rule: Enabled or Disabled
|
InsertionString13
|
Disabled
|
Old Scope
|
Old value for the scope of the exception rule: IP address or subnet mask to which the rule applies
|
InsertionString14
|
Local subnet only
|