How to activate FW logs

semangard-post · ‎Sep 14 2022

Hello,

Was is the best way to activate Windows FW logs with a MEM policy (with all the usual settings available with the related GPO) ?

I tried to find any setting/template which can be used by a configuration profile but I haven't find any yet.

I tried to import GPOs but it seems they are 'deprecated' for MDM (cf. screenshot below).

Regards

Kurt Mayer · ‎Sep 14 2022

At this blade you can create a Windows Firewall policy which can audit connections by generating events:

Please like or mark this thread as answered if it's helpful, thanks!

semangard-post · ‎Sep 15 2022

Thanks @Kurt Mayer

Sure but how to get all the usual settings available with similar GPO, for ex the path of the logs ?

Kurt Mayer · ‎Sep 16 2022

It seems there isn't a GPO or configuration profile for it. Next best bet may be to just enable it with a PowerShell script, like this:

Please like or mark this thread as answered if it's helpful, thanks!

Re: How to activate FW logs