The Question is:
I recently was searching through your archives, and came across article 4259(?)
relating to screening %LOGIN-F-CMDINPUT records from ANALYZE/AUDIT.
What I would like to know is, is there a way to stop such login failures from
generating audit alarms, whilst generating alarms for all other types of login
The DCL command SET AUDIT does not seem to be specific enough to allow me to do
this, but I am willing to write a program to communicate using system calls
with the audit server, if necessary.
The Answer is :
The information on the audit record formats is available in the
OpenVMS documentation set, and applications can read and process
these records as required.
As for preventing the alarm (or audit) from initially being generated,
the OpenVMS Wizard is not aware of a way to prevent this particular
login failure "subtype" from generating a login failure alarm (or
audit) when such alarms (or audits) are enabled.