mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-05 00:57:22 +00:00
2.1 KiB
2.1 KiB
title, description, ms.pagetype, ms.prod, ms.mktglfcycl, ms.sitesec, author, ms.date
| title | description | ms.pagetype | ms.prod | ms.mktglfcycl | ms.sitesec | author | ms.date |
|---|---|---|---|---|---|---|---|
| 5024(S) The Windows Firewall Service has started successfully. (Windows 10) | Describes security event 5024(S) The Windows Firewall Service has started successfully. | security | w10 | deploy | library | Mir0sh | 04/19/2017 |
5024(S): The Windows Firewall Service has started successfully.
Applies to
- Windows 10
- Windows Server 2016
Subcategory: Audit Other System Events
Event Description:
This event generates when Windows Firewall (MpsSvc) service has started successfully.
This event is typically logged during operating system startup process.
Note
For recommendations, see Security Monitoring Recommendations for this event.
Event XML:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
<EventID>5024</EventID>
<Version>0</Version>
<Level>0</Level>
<Task>12292</Task>
<Opcode>0</Opcode>
<Keywords>0x8020000000000000</Keywords>
<TimeCreated SystemTime="2015-10-09T03:22:53.842816300Z" />
<EventRecordID>1101613</EventRecordID>
<Correlation />
<Execution ProcessID="500" ThreadID="528" />
<Channel>Security</Channel>
<Computer>DC01.contoso.local</Computer>
<Security />
</System>
<EventData />
</Event>
Required Server Roles: None.
Minimum OS Version: Windows Server 2008, Windows Vista.
Event Versions: 0.
Security Monitoring Recommendations
For 5024(S): The Windows Firewall Service has started successfully.
-
Typically this event has an informational purpose. It’s logged during operating system startup process.
-
You should not see this event after system startup, so we recommend that you monitor it when it occurs outside the system startup process.