LoFP LoFP / t1499

t1499

TitleTags
legitimate administrative activity modifying sysrq for debugging or recovery. please update the filter macros to remove false positives.
limited false positives in most environments, however tune as needed.
network scanning or testing tools that probe cisco smart install endpoints may trigger similar signatures. validate against maintenance windows or approved security assessments.
serious issues with a configuration or plugin
unknown
unlikely