Define the rate of detection events for logging

This policy setting limits the rate at which detection events for network protection against exploits of known vulnerabilities will be logged. Logging will be limited to not more often than one event per the defined interval. The interval value is defined in minutes. The default interval is 60 minutes.If you enable this setting detection events will not be logged if there is more than one similar report (by definition GUID) in the specified number of minutes.If you disable or do not configure this setting detection events will be logged at the default rate.

Policy path: 

Windows Components\Windows Defender\Network Inspection System

Scope: 

Machine

Supported on: 

At least Windows Server 2012 Windows 8 or Windows RT

Registry settings: 

HKLM\Software\Policies\Microsoft\Windows Defender\NIS\Consumers\IPS!ThrottleDetectionEventsRate; HKLM\Software\Policies\Microsoft\Windows Defender\NIS\Consumers\IPS!ThrottleDetectionEventsRate

Filename: 

WindowsDefender.admx

Related content