Playbook for User Deleting Bash History - Cloud

  • Release version: Xanadu
  • Updated August 1, 2024
  • 1 minute to read

    • This playbook provides systematic remediation steps to investigate incidents that indicate if someone was trying to remove the bash history (.bash_history) file from a Linux server.

    Note:
    You need to mitigate this alert cautiously, as this alerts gets rarely triggered and it potentially indicates an insider threat.