On Mon, 11 Jan 2010 13:18:42 +0000, you wrote:
Gents,
I'm in the process of installing ArcSight on my network, and basically
it works by running an ANALYZE/AUDIT/FULL command on
SECURITY.AUDIT$JOURNAL and then importing the output file on a separate
Unix for log processing.
I'm trying to find a way of clearing the current audit log (since I'm
extracting the events out of it, I don't want duplicates; /SINCE risks
missing events that happen within the delta). What is the proper way
of clearing the security audit log?
What about SET AUDIT/SERVER=NEW_LOG to create a new version of the journal
before processing (i.e.: create new log then analyze the old one)? :-)
HTH,
G.