HP OpenVMS Systems

ask the wizard
Content starts here

Security Auditing and CMDINPUT errors?

» close window

The Question is:

I recently was searching through your archives, and came across article 4259(?)
 relating to screening %LOGIN-F-CMDINPUT records from ANALYZE/AUDIT.
What I would like to know is, is there a way to stop such login failures from
 generating audit alarms, whilst generating alarms for all other types of login
The DCL command SET AUDIT does not seem to be specific enough to allow me to do
 this, but I am willing to write a program to communicate using system calls
 with the audit server, if necessary.

The Answer is :

  The information on the audit record formats is available in the
  OpenVMS documentation set, and applications can read and process
  these records as required.
  As for preventing the alarm (or audit) from initially being generated,
  the OpenVMS Wizard is not aware of a way to prevent this particular
  login failure "subtype" from generating a login failure alarm (or
  audit) when such alarms (or audits) are enabled.

answer written or last revised on ( 26-JUL-2000 )

» close window