Anomalous Audit Trail Activity Detected

Description

Discovers anomalous activity such as the deletion of or clearing of log files. Attackers oftentimes clear the log files in order to hide their actions, therefore, this may indicate that the system has been compromised.