Introducing G2.ai, the future of software buying.Try now
  1. Home
  2. ...
  3. Endpoint Protection Platforms
  4. CrowdStrike Falcon Endpoint Protection Platform
  5. CrowdStrike Falcon Endpoint Protection Platform Discussions
  6. How do people see Firewall logs in Crowdstrike . Is it Possible to view Firewall logs or requires a separated application to pull those into CS console.
sai chakri B.
SB
Cyber Security Professional | SOC | IBM QRadar | Carbon Black Response | Falcon CrowdStrike | Threat Hunting
Expand/Collapse Social Share Options

How do people see Firewall logs in Crowdstrike . Is it Possible to view Firewall logs or requires a separated application to pull those into CS console.

I could see every endpoint event like Registry modifications , User Logons, File modifications , Dns Requests but i am looking for a way to get the Firewall logs.
1 comment
Looks like you’re not logged in.
Users need to be logged in to answer questions
Log In
Bryan B.
BB
Cybersecurity and Privacy Zealot; Forensics and Incident Response Professional
0
You can see firewall changes and rule modifications under the event_SimpleNames "FirewallChangeOption" and "FirewallSetRule". CrowdStrike's Firewall license is for firewall management. If you are looking for failed events due to the endpoint's firewall, you will need to scoop those from the endpoint's log data.
deleteedit
Looks like you’re not logged in.
Users need to be logged in to write comments
Log In
Reply
Already have CrowdStrike Falcon Endpoint Protection Platform?

About CrowdStrike Falcon Endpoint Protection Platform

CrowdStrike’s leading cloud-based Falcon platform protects your systems through a single lightweight sensor — there is no on-premises equipment to be maintained, managed or updated, and no need for fr
Discover More