Windows Security Log Event ID 5158

Operating Systems	Windows 2008 R2 and 7 Windows 2012 R2 and 8.1 Windows 2016 and 10 Windows Server 2019 and 2022
Category • Subcategory	Object Access • Filtering Platform Connection
Type	Success
Corresponding events in Windows 2003 and before

5158: The Windows Filtering Platform has permitted a bind to a local port

On this page

Description of this event
Field level details
Examples

This event is logged every time a client or server application binds to a port. Binding is the first step in TCP/UDP communications. For server applications, subsequent to this event you will see 5154 or 5031 when the server attempts to begin listening on the port.

The example above is the system binding to TCP port 3389 for Remote Desktop connections.

Application Information:

Process ID: process ID specified when the executable started as logged in 4688
Application Name: the program executable on this computer's side of the packet transmission

Free Security Log Resources by Randy

Description Fields in 5158

Application Information:

Process ID: %1
Application Name: %2

Network Information:

Source Address: %3
Source Port: %4
Protocol: %5

Filter Information:

Filter Run-Time ID: %6
Layer Name: %7
Layer Run-Time ID: %8

Supercharger Free Edition

Examples of 5158

The Windows Filtering Platform has permitted a bind to a local port.

Application Information:

Process ID: 4
Application Name: System

Network Information:

   Source Address: ::
   Source Port: 3389
   Protocol: 6

Filter Information:

   Filter Run-Time ID: 0
   Layer Name: Resource Assignment
   Layer Run-Time ID: 38

Top 10 Windows Security Events to Monitor

Free Tool for Windows Event Collection

Upcoming Webinars

Additional Resources

Encyclopedia

•	Event IDs
•	All Event IDs
•	Audit Policy

Go To Event ID:

Must be a 1-5 digit number No such event ID

Security Log
Quick Reference
Chart
Download now!

User name:
Password:
	/ Forgot?
	Register

December 2024 Patch Tuesday	"Patch Tuesday - 2 Zero Days...See You in 2025! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.