Edit Threat

Name

Category

Tags (comma-separated)

Description Adversaries may clear Windows Event Logs to hide the activity of an intrusion. Windows Event Logs are a record of a computer's alerts and notifications. There are three system-defined sources of events: System, Application, and Security, with five event types: Error, Warning, Information, Success Audit, and Failure Audit. With administrator privileges, the event logs can be cleared with the following utility commands: wevtutil cl system wevtutil cl application * wevtutil cl security These logs m