I was sitting at home the other day going through the log files for the Windows XP SP2 firewall (as you do for want of something more stimulating) and thought you might like to know about the utilities I use and have found for parsing these files. Please be aware of the default location & name of the files: c:\windows\pfirewall.log and the fact that by default the logging is turned off, with a default file size of 4MB.
The two programs I have found most useful for stand alone machines are:
The first is by a Partnership called 2BrightSparks. They have a number of pieces of excellent software and included in this list is FireLogXP: http://www.2brightsparks.com/freeware/freeware-hub.html. This software allows you to parse the log file easily to see what is going on.
The second is a firewall reader that just makes viewing your logs easier: XP Log reader http://www.winxpcentral.com/windowsxp/fwlog.php
Lastly I found this software a while ago: ICFMaster http://www.tlhouse.co.uk/LogMeister/icfmeister_info.shtml. It is great as it will collect flogs and perform alerting etc from multiple machines. It is not freeware, but well worth the US$20 fee.
Let us all know if you find or use any other useful tools..