- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Classification:
attack
Tactic:
Technique:
Detect modifications to /etc/sudoers
policy file.
Sudo allows users to perform commands from terminals with delegated authority to give certain users (or groups of users) the ability to run some (or all) commands as root. The sudoers policy file, /etc/sudoers
, describes which users can run commands with root level privileges using sudo. Adversaries may attempt to edit the sudoers policy file to execute commands as other users or to spawn processes with higher privileges.
{{@file.path}}
were part of known system setup or maintenance.Requires Agent version 7.27 or greater.