diff --git a/queries/1278416.yaml b/queries/1278416.yaml
new file mode 100644
index 00000000..0d63e4ee
--- /dev/null
+++ b/queries/1278416.yaml
@@ -0,0 +1,4 @@
+query: >
+  message:"remove_iscsi_target"
+  AND message:"os.unlink"
+  AND filename:"logs/screen-c-vol.txt"