user_criteria OpenVMS usage:char_string or item_list_3 type: character-coded text string or longword (unsigned) access: read only mechanism: by descriptor-fixed-length string descriptor or by reference If the CIA$M_ITEMLIST flag is FALSE: The user_criteria argument is the description of intruder or suspect. This argument is the address of a character-string descriptor pointing to a buffer containing the user criteria to match an intrusion record's user specification in the intrusion database. The user_criteria argument is a character string of 1 to 1058 bytes containing characters to match the user specification on records in the intrusion database. A user specification is any combination of the suspect's or intruder's source node name, source user name, source DECnet- Plus address, local failed user name, or local terminal. The user specification for an intrusion record is based on the input to the $SCAN_INTRUSION service and the settings of the LGI system parameter. For more information, see the HP OpenVMS Guide to System Security. Wildcards are allowed for the user_criteria argument. For example, if you specify an asterisk (*) for the user_criteria argument, the service deletes all records in the intrusion database. If the CIA$M_ITEMLIST flag is TRUE: The user_criteria argument is now the address of a 32-bit item list. If the item list is used, one item, the CIA$_USER_CRITERIAL item, must be present in the item list. The ITM$L_BUFADR should point to a buffer containing the specified user criteria. The following table lists the valid item descriptions for the user_criteria argument: Item Description CIA$_SCSNODE_LIST Address of a list of 8-character null-padded SCS nodenames for which intrusions are to be deleted. CIA$_USER_ Address of a buffer, 1-1058 bytes long, CRITERIAL containing the intruder or suspect. If the CIA$_SCSNODE_LIST item is present, it is the address of a list of 8-character null-padded SCS nodenames for which intrusions are to be deleted. If this item is absent, the service deletes the specified intrusion records for all nodes in the cluster. Multiple CIA$_SCSNODE_LIST items are permitted. flags OpenVMS usage:mask_longword type: longword (unsigned) access: read only mechanism: by value Functional specification for the service. The flags argument is a longword bit mask wherein each bit corresponds to an option. Each flag option has a symbolic name. The $CIADEF macro defines the following valid names for the $DELETE_INTRUSION service: Symbolic Name Description CIA$M_IGNORE_ The service should not wait for the return RETURN status from the security server. No return status from the server's function will be returned to the caller. CIA$M_ITEMLIST If FALSE, the user_criteria argument is a character string. If TRUE, this argument is a 32-bit item list.