Define the rate of detection events for logging

This policy setting limits the rate at which detection events for network protection against exploits of known vulnerabilities will be logged. Logging will be limited to not more often than one event per the defined interval. The interval value is defined in minutes. The default interval is 60 minutes.

If you enable this setting, detection events will not be logged if there is more than one similar report (by definition GUID) in the specified number of minutes.

If you disable or do not configure this setting, detection events will be logged at the default rate.

Supported on: At least Windows Server 2012, Windows 8 or Windows RT

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Microsoft\Windows Defender\NIS\Consumers\IPS
Value NameThrottleDetectionEventsRate
Value TypeREG_DWORD
Enabled Value1
Disabled Value0

Define the rate of detection events for logging

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Microsoft\Windows Defender\NIS\Consumers\IPS
Value NameThrottleDetectionEventsRate
Value TypeREG_DWORD
Default Value60
Min Value0
Max Value10000000

windowsdefender.admx

Administrative Templates (Computers)

Administrative Templates (Users)