diff --git a/datasets/attack_techniques/T1529/linux_sysrq_abuse/linux_sysrq_abuse.log b/datasets/attack_techniques/T1529/linux_sysrq_abuse/linux_sysrq_abuse.log
new file mode 100644
index 00000000..fd4d7471
--- /dev/null
+++ b/datasets/attack_techniques/T1529/linux_sysrq_abuse/linux_sysrq_abuse.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:62bbba78697c76bb460b5151e4afd88f8383ee179b0722055ef124589989dd74
+size 1198
diff --git a/datasets/attack_techniques/T1529/linux_sysrq_abuse/linux_sysrq_abuse.yml b/datasets/attack_techniques/T1529/linux_sysrq_abuse/linux_sysrq_abuse.yml
new file mode 100644
index 00000000..27783b22
--- /dev/null
+++ b/datasets/attack_techniques/T1529/linux_sysrq_abuse/linux_sysrq_abuse.yml
@@ -0,0 +1,13 @@
+author: Milad Cheraghi
+id: b4b1271b-4529-4f36-9edc-d70765eaa4c0
+date: '2025-08-28'
+description: 'Sample of Linux auditd events showing potential abuse of the Magic SysRq key to manipulate or destabilize the system.'
+environment: custom
+directory: linux_sysrq_abuse
+mitre_technique:
+ - T1529
+datasets:
+ - name: linux-auditd
+ path: /datasets/attack_techniques/T1529/linux_sysrq_abuse/linux_sysrq_abuse.log
+ sourcetype: auditd
+ source: auditd
\ No newline at end of file
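Review bot: The `description` in linux_sysrq_abuse.yml does not say what the sample contains, so a detection author cannot tell which behaviour it validates without fetching the LFS object (the diff shows only the pointer, `size 1198`). I would name the audited activity and the auditd record types present, along the lines of `description: 'Linux auditd <record types> events for <audited SysRq action>, showing potential abuse of the Magic SysRq key ...'`, with the placeholders filled in from the log itself. Since the log body is not reviewable here, it is also worth confirming before merge that hostnames and account names in it are lab values. The file ends without a trailing newline, as the `\ No newline at end of file` marker shows; adding one keeps the next edit's diff clean.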