Admin-Ahead Community

Windows => General Windows => Topic started by: Aby on January 06, 2014, 05:29:43 am

Title: To enable Windows Firewall with Advanced Security audit events
Post by: Aby on January 06, 2014, 05:29:43 am: Code: [Select]
1 Open an administrative command prompt Start >> All Programs >> click Accessories >> right-click Command Prompt >> Run as administrator
Code: [Select]
2 If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue
Code: [Select]
3)At the command prompt, type the following command. You can copy and paste this command into the Command Prompt window: auditpol.exe /set /SubCategory:"MPSSVC rule-level Policy Change","Filtering Platform policy change","IPsec Main Mode","IPsec Quick Mode","IPsec Extended Mode","IPsec Driver","Other System Events","Filtering Platform Packet Drop","Filtering Platform Connection" /success:enable /failure:enable
Code: [Select]
4)Restart the Windows Firewall service by typing the following commands, ending each by pressing ENTER: net stop MPSSVC net start MPSSVC
Code: [Select]
5)When you are ready to disable event logging, run the same command as in step 3, but use /success:disable /failure:disab===

SMF 2.0.15 | SMF © 2017, Simple Machines