Audit Policy: System: Other System Events This subcategory reports on other system events. Events for this subcategory include: ? 5024 : The Windows Firewall Service has started successfully. ? 5025 : The Windows Firewall Service has been stopped. ? 5027 : The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy. ? 5028 : The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy. ? 5029: The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy. ? 5030: The Windows Firewall Service failed to start. ? 5032: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network. ? 5033 : The Windows Firewall Driver has started successfully. ? 5034 : The Windows Firewall Driver has been stopped. ? 5035 : The Windows Firewall Driver failed to start. ? 5037 : The Windows Firewall Driver detected critical runtime error. Terminating. ? 5058: Key file operation. ? 5059: Key migration operation. Refer to the Microsoft Knowledgebase article ?Description of security events in Windows Vista and in Windows Server 2008? for the most recent information about this setting: http://support.microsoft.com/default.aspx/kb/947226.

[success/failure/success_failure/none]

(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsAdvanced Audit Policy ConfigurationAudit PoliciesSystem!Audit Policy: System: Other System Events (2) WMI: ###