Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Get all filtering events done by the Windows filtering platform. This includes any blocks done by Windows Firewall rules, but also blocks triggered by some 3rd party firewalls. When no Firewall rules are configured, the default behavior is to block all incoming network connections.
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | fb02b8f1-1eb9-43f9-b6e6-cca78a323f2b |
| Required Connectors | MicrosoftThreatProtection |
| Source | [View on GitHub](https://github.com/Azure/Azure-Sentinel/blob/master/Hunting Queries/Microsoft%20365%20Defender/Protection%20events/Windows%20filtering%20events%20%28Firewall%29.yaml) |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊