Content Packs

Content Packs are source-centric interpretations that help you make sense of your unstructured machine data.

(@markus.krausgmail.com1)

Content Packs

Windows Firewall Advanced Content Pack

Extract more Details from Windows Firewall File-Log

(ContentPack is attached)

 

- Blocked Connections by Source IP

- Blocked Connections by Destination IP

- Blocked Connections by Source Port

- Blocked Connections by Destination Port

- Blocked Connections by Protokoll

- Blocked Connections by Hostname

- Disabled / Enabled Firewall