
How to analyze allowed and denied firewall traffic events?

Feb 10, 2022 6 min read

Analyzing firewall logs: Traffic allowed/dropped events

Firewall logs provide insight into the traffic that has been allowed or blocked. Analyzing these events is essential because, in most cases, this traffic is the starting point of data breaches.


Figure 1: Sample firewall log denoting incoming traffic.

In the image above, the highlighted part is an allowed-traffic log entry. The log data shows the date, time, protocol type, source and destination IPs, and port numbers. With this information, we can identify which packet was allowed, when, and how. In the case of a data breach, the entry point can easily be identified. The image below is an example of dropped packets.

Sample firewall log denoting incoming traffic
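
The fields listed above (date, time, protocol, source and destination IPs, ports) are enough to summarize allowed and dropped traffic per source and to pick out an allowed connection that follows repeated drops. The following is an added example, not part of the original article or of EventLog Analyzer; it assumes the Windows Defender Firewall text log layout (a `#Fields:` header and space-separated values), since the article does not name the log format, and it runs over constructed sample lines.

```python
from collections import Counter, defaultdict

# Constructed sample (documentation-range IPs) in the assumed pfirewall.log layout.
SAMPLE_LOG = """\
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2022-02-10 09:14:01 DROP TCP 203.0.113.7 192.0.2.10 50211 3389 52 S 1001 0 64240 - - - RECEIVE
2022-02-10 09:14:03 DROP TCP 203.0.113.7 192.0.2.10 50212 22 52 S 1002 0 64240 - - - RECEIVE
2022-02-10 09:14:05 DROP TCP 203.0.113.7 192.0.2.10 50213 445 52 S 1003 0 64240 - - - RECEIVE
2022-02-10 09:14:09 ALLOW TCP 203.0.113.7 192.0.2.10 50214 443 0 - 0 0 0 - - - RECEIVE
2022-02-10 09:15:30 ALLOW UDP 198.51.100.4 192.0.2.10 53 61522 0 - - - - - - - RECEIVE
2022-02-10 09:16:00 DROP ICMP 198.51.100.9 192.0.2.10 - - 60 - - - - 8 0 - RECEIVE
2022-02-10 09:16:02 DROP TCP 198.51.100.9
"""

def parse(text):
    """Return one dict per event, keyed by the names in the #Fields header."""
    fields, events = [], []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            parts = line.split()
            if fields and len(parts) == len(fields):  # skip truncated lines
                events.append(dict(zip(fields, parts)))
    return events

def counts_by_source(events):
    """Map each source IP to a Counter of actions (ALLOW / DROP)."""
    stats = defaultdict(Counter)
    for e in events:
        stats[e["src-ip"]][e["action"]] += 1
    return stats

def allowed_after_drops(events, min_drops=3):
    """ALLOW events from a source already dropped min_drops+ times (log in time order)."""
    drops, hits = Counter(), []
    for e in events:
        if e["action"] == "DROP":
            drops[e["src-ip"]] += 1
        elif e["action"] == "ALLOW" and drops[e["src-ip"]] >= min_drops:
            hits.append(e)
    return hits

if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    for ip, c in sorted(counts_by_source(events).items()):
        print(f"{ip:15} allowed={c['ALLOW']} dropped={c['DROP']}")
    for e in allowed_after_drops(events):
        print("review:", e["date"], e["time"], e["src-ip"], "->", e["dst-ip"], "port", e["dst-port"])
```

The `min_drops` threshold is an illustrative default; tune it to the normal noise level of the network being monitored.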

Manually sifting through all the allowed and denied traffic to find traffic from a specific source is a tedious task. However, you can get this information in a jiffy with a log management solution like EventLog Analyzer.

EventLog Analyzer, a comprehensive log management solution, provides predefined reports on Denied Connection, User Logons, Failed Logons, Individual User Action, and more. These reports help in analyzing the logs and instantly spotting anomalous traffic behavior.
