Kubernetes Events Deleted (3132570d-cab2-4561-9ea6-1743644b2290)
Detects when events are deleted in Kubernetes. An adversary may delete Kubernetes events in an attempt to evade detection.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Kubernetes Events Deleted (3132570d-cab2-4561-9ea6-1743644b2290) | Sigma-Rules | Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) | Attack Pattern | 1 |