Firewall Log not respecting settings -- Logs not extending beyond a few hours


B

boethius

New member
Local time
5:46 AM
Posts
4
OS
Windows 11 (Duh)
Hello,
I configured firewall logs to log all events (blocks, accepts) and set the logfile size to maximum (32,xxxKb).
This was working as expected for a while and then began to only write about ~3000-4000Kb before rotating to log.old.
I've googled this and can find no significant conversation on the matter, it seems pretty straightforward, except for the behavior I am experiencing.
The PC is self-managed, not part of any Active Directory infrastructure, not part of any corp, with no one else administrating but myself.
Code: 
PS C:\WINDOWS\system32\logfiles\Firewall> dir
Directory: C:\WINDOWS\system32\logfiles\Firewall                                                                                                                                          Mode                 LastWriteTime         Length Name
    12/30/2022   1:20 AM        3083948 pfirewall.log                                                         
12/29/2022  10:49 PM        4201141 pfirewall.log.old                                                                                                                                      C:\WINDOWS\system32\logfiles\Firewall>
 

My Computer

System One

  • OS
    Windows 11 (Duh)
Have you verified your system is on the public profile?
4096KB is the default size, looks like another profile may be enabled and overriding.

May also help to change the log name to something unique to prevent overriding it such as
%systemroot%\system32\LogFiles\Firewall\pfirewall-public.log

In Powershell
Powershell: 
(Get-NetConnectionProfile).NetworkCategory
 

My Computer

System One

  • OS
    Windows 11
neemobeer said:
Have you verified your system is on the public profile?
4096KB is the default size, looks like another profile may be enabled and overriding.

May also help to change the log name to something unique to prevent overriding it such as
%systemroot%\system32\LogFiles\Firewall\pfirewall-public.log

In Powershell
Powershell: 
(Get-NetConnectionProfile).NetworkCategory
Click to expand...
PS C:\Users\boethius> (Get-NetConnectionProfile).NetworkCategory
Public
Public
PS C:\Users\boethius>
 

My Computer

System One

  • OS
    Windows 11 (Duh)
neemobeer said:
Have you verified your system is on the public profile?
4096KB is the default size, looks like another profile may be enabled and overriding.

May also help to change the log name to something unique to prevent overriding it such as
%systemroot%\system32\LogFiles\Firewall\pfirewall-public.log

In Powershell
Powershell: 
(Get-NetConnectionProfile).NetworkCategory
Click to expand...
Just to update -- changing the name of the log file did indeed correct the problem. I don't know why it was necessary, but thank you for the suggestion. :thumbsup:
 

My Computer

System One

  • OS
    Windows 11 (Duh)
You must log in or register to reply here.

Similar threads

Unable to run call of duty through steam. Any help would be greatly appreciated
Replies
2
Views
342
RJARRRPCGP
R
23H2 Sysprep copyprofile not applying user profile changes when image is installed
Replies
4
Views
2K
fishon
F
Windows 11 Sometimes Freezes During Boot.
Replies
19
Views
2K
Flame Red
F
Powershell Commands in Unattend not running correctly
Replies
5
Views
3K
mowright
mowright
New machine, audio pops , found out about latencymon. result seems bad. Any advice appreciated.
Replies
7
Views
4K
rezpower
rezpower

Latest Support Threads

Latest Tutorials

Back
Top Bottom