Information
Use this option to specify the path and name of the file in which Windows Firewall will write its log information.
The recommended state for this setting is: %SystemRoot%\System32\logfiles\firewall\privatefw.log
If events are not recorded it may be difficult or impossible to determine the root cause of system problems or the unauthorized activities of malicious users.
Solution
To establish the recommended configuration via GP, set the following UI path to %SystemRoot%\System32\logfiles\firewall\privatefw.log :
Computer Configuration\Policies\Windows Settings\Security Settings\Windows Firewall with Advanced Security\Windows Firewall with Advanced Security\Windows Firewall Properties\Private Profile\Logging Customize\Name
Impact:
The log file will be stored in the specified file.