Windows Security Log Event ID 5152
Operating Systems |
Windows 2008 R2 and 7
Windows 2012 R2 and 8.1
Windows 2016 and 10
Windows Server 2019 and 2022
|
Category • Subcategory | Object Access • Filtering Platform Packet Drop |
Type
|
Failure
|
Corresponding events
in Windows
2003 and before |
|
5152: The Windows Filtering Platform blocked a packet
On this page
This event logs all the particulars about a blocked packet including the filter that caused the block.
Application Information:
- Process ID: process ID specified when the executable started as logged in 4688
- Application Name: the program executable on this computer's side of the packet transmission
Free Security Log Resources by Randy
Application Information:
- Process ID: %1
- Application Name: %2
Network Information:
- Direction: %3
- Source Address: %4
- Source Port: %5
- Destination Address: %6
- Destination Port: %7
- Protocol: %8
Filter Information:
- Filter Run-Time ID: %9
- Layer Name: %10
- Layer Run-Time ID: %11
Supercharger Enterprise
Load Balancing for Windows Event Collection
The Windows Filtering Platform blocked a packet.
Application Information:
Process ID: 1132
Application Name: \device\harddiskvolume1\windows\system32 \svchost.exe
Network Information:
Direction: Inbound
Source Address: 224.0.0.252
Source Port: 5355
Destination Address: 10.42.42.213
Destination Port: 56253
Protocol: 17
Filter Information:
Filter Run-Time ID: 0
Layer Name: Receive/Accept
Layer Run-Time ID: 44
Top 10 Windows Security Events to Monitor
Free Tool for Windows Event Collection