20 lines
621 B
YAML
title: System log file was cleared
title_jp: システムログがクリアされた
description: Somebody has cleared the System event log.
description_jp: 誰かがシステムログをクリアした。
author: Eric Conrad, Zach Mathis
contributor: Akira Nishikawa, James Takai
mitre_attack: T1070.001  # Indicator Removal: Clear Windows Event Logs
level: high
detection:
    selection:
        Channel: System
        EventID: 104  # "The log file was cleared" event written by the Windows Event Log service
    # condition: selection
falsepositives:
    - system administrator
output: "User: %LogFileCleared%%SubjectUserName%"
output_jp: "ユーザ名: %LogFileCleared%%SubjectUserName%"
creation_date: 2020/11/08
updated_date: 2021/11/06