CKCL Log Disabled
Nasreddine Bencherchali (Nextron Systems)
Detects tampering attempts to disable performance CKCL logs. These logs often contain useful information about the boot and shutdown process. Attackers might want to disable them in order to hinder a forensic investigation.
Nextron Sigma feed only (private)