What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags

View all Tags

Monitor Windows Firewall logs



I don't see an easy way to monitor windows firewall logs... You support some hardware firewalls, but not windows? I would be nice if prtg could natively monitor the windows firewall logs and display some of the same issue you would with a hardware firewall.

firewall logs windows

Created on Jan 8, 2018 3:10:20 AM

4 Replies



Hi there,

I am quite unsure what logs you want to monitor on a Windows Firewall, or which Hardware Issues as the Firewall of Windows is only software based. Could you explain the metrics you want to monitor a little bit more extensive?

Best regards.

Created on Jan 8, 2018 12:03:58 PM by  Dariusz Gorka [Paessler Support]



I want to monitor the same metrics as if windows firewall was a hardware firewall.... The metrics would be traffic related, not hardware related... Like firewall status (on, off), blocked requests. I'm most interested in blocked requests. But similar stats as this tool offers: http://www.zedlan.com/win_firewall_log_analyser.php

Created on Jan 14, 2018 1:59:00 AM



Here is an example of the windows firewall log.

  1. Version: 1.5
  2. Software: Microsoft Windows Firewall
  3. Time Format: Local
  4. Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2018-01-13 21:26:45 DROP ICMP - - 68 - - - - 0 0 - RECEIVE 2018-01-13 21:27:01 DROP ICMP - - 68 - - - - 0 0 - RECEIVE 2018-01-13 21:27:17 DROP ICMP - - 68 - - - - 0 0 - RECEIVE

Created on Jan 14, 2018 3:34:45 AM



Hello there,

What the tool basically does is retrieving the details from the firewall log file, which needs to be enabled first, see also section "How do I use WinFirewallLogAnalyser?" here.

None of PRTG's built-in sensors will be able to dissect especially this data and aggregate it the way you need it. You can use a File Content Sensor to look for particular entries in this log though, but it's not capable of performing further calculations of the data and alike. Everything else would mean creating a custom script that processes the data and returns some metrics back to PRTG, but we have no "script template" for this particular task.

Kind regards,


Created on Jan 15, 2018 11:23:21 AM by  Erhard Mikulik [Paessler Support]

Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.