- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
Detect the tampering of shell command history on a host or container.
Commands used within a terminal are contained within a local file so users can review applications, scripts, or processes that were previously executed. Adversaries tamper with the integrity of the shell command history by deletion, truncation, or the linking of /dev/null
by use of a symlink. This allows adversaries to obfuscate their actions and delay the incident response process.
Requires Agent version 7.27 or greater