605 words
3 minutes

Enable Logging in Windows Firewall

Cover image for Enable Logging in Windows Firewall

This article is for those looking for a detailed and straightforward guide on installing enable logging in Windows Firewall.

WARNING

For security reasons, it is not recommended to disable Windows Firewall unless you are using a complete antivirus solution that includes a different firewall. In the case when Windows Firewall blocks the operation of an application, you need to study this event in detail using a file with logs and make an allowing rule for this application in Windows Firewall, if it is really necessary.

NOTE

This tutorial will cover several ways to enable logging in to Windows Firewall.

We go into the system under an account with administrator rights.

Open Server Manager, click on the “Tools” button in the upper right corner of the screen and select “Windows Firewall with Advanced Security”.

Enable Logging in Windows Firewall - Step 1

Next, right-click on “Windows Firewall with Advanced Security on Local Computer” and select “Properties”.

Enable Logging in Windows Firewall - Step 2

NOTE

In this guide, logging in Windows Firewall for a domain profile will be configured. Similarly, you can configure logging for other profiles.

On the “Domain Profile” tab, in the “Logging” section, select “Customize”.

Enable Logging in Windows Firewall - Step 3

Further, in the “Name” field, you can specify where the file with the Windows Firewall logs will be stored.

In the “Size Limit” field, specify the maximum size of the file with logs.

To enable logging of dropped packets, select “Yes” in the “Log dropped packets” section.

Click on the “OK” button.

Enable Logging in Windows Firewall - Step 4

You can also enable logging in to Windows Firewall using Windows PowerShell.

On the keyboard, press the key combination “Win” and “x” and in the menu that opens, select “Windows PowerShell (Admin)”.

Enable Logging in Windows Firewall - Step 5

NOTE

In this guide, logging in Windows Firewall for a domain profile will be configured. Similarly, you can configure logging for other profiles.

We enable logging using the command:

Terminal window
Set-NetFireWallProfile -Profile Domain -LogBlocked True -LogMaxSize 4096 -LogFileName "%systemroot%\system32\LogFiles\Firewall\pfirewall.log"

Enable Logging in Windows Firewall - Step 6

Now, looking at the file with the logs, you can examine in detail which application was blocked using Windows Firewall, and make an allow rule for it if it is really necessary.

Enable Logging in Windows Firewall - Step 7


Social Channels#


Community of IT Experts#


Is this content AI-generated?

No. Every article on this blog is written by me personally, drawing on decades of hands-on IT experience and a genuine passion for technology.

I use AI tools exclusively to help polish grammar and ensure my technical guidance is as clear as possible. However, the core ideas, strategic insights, and step-by-step solutions are entirely my own, born from real-world work.

Because of this human-and-AI partnership, some detection tools might flag this content. You can be confident, though, that the expertise is authentic. My goal is to share road-tested knowledge you can trust.

Enable Logging in Windows Firewall
https://www.heyvaldemar.com/enable-logging-in-windows-firewall/
Author
Vladimir Mikhalev
Published at
2021-02-18
License
CC BY-NC-SA 4.0