Windows Security Log Event ID 861
Operating Systems |
Windows 2003 and XP
|
Category | Process Tracking |
Type
|
Success
|
Corresponding events
in Windows
2008 and Vista |
5154
,
5155
|
861: The Windows Firewall has detected an application listening for incoming traffic
On this page
This event documents applications that request to open UDP or TCP ports in listening mode and whether the request was allowed.
Free Security Log Resources by Randy
- Name: the name of the application
- Path: full path name of program listening for incomming traffic
- Process identifier: PID of process - same as in event ID 592 and in Task Manager
- User account: user account process running as
- User domain: domain of user account
- Service: Yes or No - is the application is a system service?
- RPC server: Yes or No - is it on an RPC server?
- IP version: IPv4 or IPv6
- IP protocol: UDP or TCP
- Port number: self explanatory
- Allowed: Yes or No - did Windows allow the application to open the port?
- User notified: Yes or No - did Windows notify user with a dialog box?
Supercharger Enterprise
Load Balancing for Windows Event Collection