| Event Id | 3225 |
| Source | EventTracker |
| Description | Socket DELETED: Type: TCP Status: Deleted Local Address: <Local address> Local Port: <Port number > Remote Address: <Remote Address> Remote Port: <Remote Port number > Connection active time: <Connection active time > Last known Connection State: <Connection state> Process ID:<Process ID> Process Name: <Process name> Image File Name: <Full path of the file name> |
| Event Information | Cause: The event is logged by EventTracker as part of the Network Connection Monitoring feature where any termination of an existing TCP connection can be logged as an Event. This event specifies the details of the terminated port. Resolution: This event is for information only and requires no user action. EventTracker provides users with an option to monitor for termination of any existing TCP connections, the description of this event contains - The Type of Connection, i.e. TCP - Details of the system on which the new connection was created, i.e. Local IP Address and Port Number - Details of the system, which initiated the new connection, i.e. Remote IP Address and Port Number - Details about the active connection time. i.e. the time between the connection being established and the connection being terminated. - Details about the last known connection state - Details of the local process that is providing this connection. Related Events: Event ID: 3223, Event Source: EventTracker Event ID: 3224, Event Source: EventTracker |
| Reference Links |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.