Hey, folks, the other day I went playing hide and seek for the thresholds for hacking the access logs and couldn't seem to find them in 4a or Unwired. There's plenty of description, but no mechanics.

In specific, a hacker had set off an alert with an admin account (which specifically says that the one the restricted alert is against CAN'T operate the system as normal) and was trying to get out and clean up his data trail before the enforced logout finished its job.

The other question that came up is can you hack the alert? I couldn't find a ruling or mechanic on that, either.

Thanks in advance.

The threshold for finding the logs would be one of two things:
1) Set by the GM as the level of difficulty he believes a simple browse would find it. (Typically I use 1 hit since they know what their looking for)

2) (More common) An opposed roll between the log file's Stealth + Firewall vs the hacker's Analyze + Computer. This one is used whenever the security designers think the logs shouldn't be easy to find. More tricks can then be applied to it such as encrypting, data bombs, embedded IC that run when accessed, etc.

Unless specifically hidden or booby trapped, an access log only takes time to alter, and you can never completely remove traces of your actions. There will still be a log out action(though your access id won't be listed)