title: System log file was cleared
title_jp: システムログがクリアされた
description: Somebody has cleared the System event log.
description_jp: 誰かがシステムログをクリアした。

author: Eric Conrad, Zach Mathis
contributor: Akira Nishikawa, James Takai
mitre_attack: T1070.001
level: high

detection:
    selection:
        Channel: System
        EventID: 104
    # condition: selection
falsepositives:
    - system administrator
output: "User: %LogFileCleared%%SubjectUserName%"
output_jp: "ユーザ名: %LogFileCleared%%SubjectUserName%"
creation_date: 2020/11/08
updated_date: 2021/11/06