The Following Filter Was Present When The Windows Filtering Platform Base Filtering Engine Started
The following filter was present when the Windows Filtering Platform Base Filtering Engine started.
Configuration
query
EventID:5441
config
Key | Value — | — type | aggregation-v1 query | EventID:5441 streams | [5f74fe0891d2ba1b645adb8d] conditions | {expression:null} search_within_ms | 3600000 execute_every_ms | 3600000
SIEM Microsoft Events to Monitor
https://docs.
notes
Last modified
December 31, 1969