Event ID 104: Log was cleared (System) (System)
Lo que este Event ID realmente registra en disco, los campos EventData a leer primero y su lugar en un flujo de triage DFIR.
- Canal
- System
- Proveedor
- Windows\System
- Notas de triage
- Service Control Manager's counterpart to Security 1102. Often missed by attackers who only clear Security.