CIS v7062 Logging Issues or by Design?

I just installed v.7062 (clean install) a Windows 10 Pro 64bit new PC. I was previously running v.6882 on my previous Windows 10 Pro 64bit laptop (which I no longer have access to). I have noticed now that CIS is logging all blocked activity. This is showing up in “Blocked Applications” and “Network Intrusions” logs. In the past, whenever I leave “Log as firewall event even if this rule is fired” unchecked, I don’t get these logs showing up and cluttering the interface. I have a ton of custom application firewall rules, but CIS v7062 simply ignores the option to not log the firewall blocks of certain apps.

Is this by design in v7062, or is there a configuration change or other setting that I need to be aware of to prevent these excess logs?

Also, separately, even with prior CIS versions, I could not find a way to supress HIPS blocks for specific application rules that I customized. There was no similar setting like in the firewall rules to not log the block. At least I am not aware of anyway to supress HIPS logs. If there is, please let me know.


Can you be specific as to what is being blocked by providing the block events from the firewall logs? Before CIS version 6.x you could disable logging for each component, though it has since been removed.


Sorry, I am just now your reply now. I had enough and have already reverted back to v6882. The last straw was when I could not add a virtual switch in Hyper-V. After over a day of trying to figure out the issue, I happened to notice that adding Hyper-V virtual switches was successful in the host PCs without CIS v7036 or v7062. After uninstalling these version, the Hyper-V switch woes went away, and I am now able to manage my virtual machines. Anyway, that’s a separate issue probably for a separate thread. Right now, I’ll settle with v6882 for the foreseeable future.

If other people run into any of these issues, perhaps I will go back and reinstall v7062 so I can post the logs you mentioned. It may be isolated to my setups.