
GCP Logging Sink Deletion

Elastic Detection Rules

Summary
This rule detects the deletion of Logging sinks in Google Cloud Platform (GCP). Sinks are the log export mechanism, so deleting one can indicate an adversary attempting to evade detection by cutting off log export. The rule inspects GCP audit logs for sink deletion events and alerts security teams to potentially malicious behavior. Its guidance covers investigating a deletion by reviewing the audit logs, checking for other suspicious activity by the same user, and confirming whether a successful deletion affected log monitoring. False positives and mitigation strategies are discussed so that legitimate operational changes are not flagged as threats. The risk score of 47 indicates a medium risk, reflecting the impact such activity has on log monitoring capabilities.
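As an added example (not part of the Elastic rule or this page), the detection logic run over a few constructed Cloud Audit Log entries: the `google.logging.v*.ConfigServiceV*.DeleteSink` method-name pattern, the `protoPayload.status` failure check, and the sample records are assumptions about GCP's LogEntry JSON shape, not taken from the page.

```python
"""Flag successful GCP Logging sink deletions in Cloud Audit Log entries."""
import json
import re

# Assumed method name GCP records for a sink deletion; the version parts are
# left flexible so a newer API version still matches.
DELETE_SINK_RE = re.compile(r"google\.logging\.v\d+\.ConfigServiceV\d+\.DeleteSink")

# Constructed sample LogEntry records (not real data) in Cloud Logging's shape.
SAMPLE_ENTRIES = [
    {"protoPayload": {"methodName": "google.logging.v2.ConfigServiceV2.DeleteSink",
                      "resourceName": "projects/example-project/sinks/siem-export",
                      "authenticationInfo": {"principalEmail": "alice@example.com"}},
     "timestamp": "2024-01-01T10:00:00Z"},
    # Failed attempt: GCP records a non-zero protoPayload.status.code.
    {"protoPayload": {"methodName": "google.logging.v2.ConfigServiceV2.DeleteSink",
                      "resourceName": "projects/example-project/sinks/soc-export",
                      "status": {"code": 7, "message": "PERMISSION_DENIED"},
                      "authenticationInfo": {"principalEmail": "bob@example.com"}},
     "timestamp": "2024-01-01T10:05:00Z"},
    # Unrelated sink administration call; must not alert.
    {"protoPayload": {"methodName": "google.logging.v2.ConfigServiceV2.CreateSink",
                      "resourceName": "projects/example-project/sinks/new-export",
                      "authenticationInfo": {"principalEmail": "alice@example.com"}},
     "timestamp": "2024-01-01T10:06:00Z"},
]


def is_successful_sink_deletion(entry: dict) -> bool:
    """True when the entry is a DeleteSink call that succeeded."""
    payload = entry.get("protoPayload", {})
    if not DELETE_SINK_RE.fullmatch(payload.get("methodName", "")):
        return False
    # Audit entries carry protoPayload.status only on failure; code 0 means OK.
    return payload.get("status", {}).get("code", 0) == 0


def find_sink_deletions(entries) -> list:
    """Return one alert record per successful sink deletion, for triage."""
    alerts = []
    for entry in entries:
        if is_successful_sink_deletion(entry):
            payload = entry["protoPayload"]
            alerts.append({
                "time": entry.get("timestamp"),
                "actor": payload.get("authenticationInfo", {}).get("principalEmail"),
                "sink": payload.get("resourceName"),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_sink_deletions(SAMPLE_ENTRIES):
        print(json.dumps(alert))
```

The failed deletion is deliberately dropped, mirroring the rule's focus on deletions that actually removed an export; the alert record carries the actor and sink so the investigation steps above (other activity by the same user, impact on monitoring) can start from it.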
Categories
  • Cloud
  • GCP
Data Sources
  • Cloud Service
  • Group
  • Application Log
  • Network Traffic
ATT&CK Techniques
  • T1562
Created: 2020-09-18