Hi,

I have the following configuration:
Sentinel 7.4.1
- Audit 2011.1r3
- eDirectory 2011.1r7
- IDM 2011.1r3

IDM 4.5.3
- novell-AUDTplatformagent-2.0.2-79
- novell-AUDTedirinst-8.8.8.4-47

LogEvent
Code:
LogHost=10.8.8.34
JLogCacheDir=/var/opt/novell/naudit/jcache
JLogCachePort=1287
LogCachePort=1288
#LogJavaClassPath=/opt/netiq/idm/apps/osp_sspr/lib/nauditpa.jar
#LogJavaClassPath=/opt/netiq/idm/apps/UserApplication/nauditpa.jar
LogJavaClassPath=/opt/novell/naudit/java/pa/NAuditPA.jar
LogMaxBigData=8192
LogEnginePort=1289
LogCacheUnload=no
LogCacheSecure=no
LogCacheLimitAction=keep logging
LogCacheDir=/var/opt/novell/idm/audit
nproduct.log
Code:
Fri Dec 23 17:58:04 2016 [Novell Audit Platform Agent]: Using primary Secure Log Server 10.8.8.34.
Fri Dec 23 17:58:04 2016 [PrepareCache]: New connection to LCache Process
Fri Dec 23 17:58:04 2016 [Novell Audit Platform Agent]: DirXML connecting to Log Server via SSL
Fri Dec 23 17:58:04 2016 [Novell Audit Platform Agent]: Authentication Successful
Fri Dec 23 17:58:05 2016 [PrepareCache]: New connection to LCache Process
Fri Dec 23 17:58:05 2016 [Novell Audit Platform Agent]: DirXML connecting to Log Server via SSL
Fri Dec 23 17:58:05 2016 [Novell Audit Platform Agent]: Authentication Successful
Fri Dec 23 17:58:07 2016 [PrepareCache]: New connection to LCache Process
Fri Dec 23 17:58:07 2016 [Novell Audit Platform Agent]: eDirInst connecting to Log Server via SSL
Fri Dec 23 17:58:07 2016 [Novell Audit Platform Agent]: Authentication Successful
Fri Dec 23 17:58:36 2016 [jlogevent]: Using primary Secure Log Server 10.8.8.34.
Fri Dec 23 17:58:37 2016 [jlcache]: Using the default CacheDir /var/opt/novell/naudit/jcache
Fri Dec 23 17:58:37 2016 [jlcache]: [INFO] However you can configure this in the logevent.conf file as JLogCacheDir=<path>
Fri Dec 23 17:58:37 2016 [jlcache]: Using the default CachePort 1287
Fri Dec 23 17:58:37 2016 [jlcache]: [INFO] However you can configure this in the logevent.conf file as JLogCachePort=<port_number>
Fri Dec 23 17:58:37 2016 [jlcache/MonitorCache]: Exception while preparing to send data to server: Connection refused
Fri Dec 23 17:58:37 2016 [SLSConnection.authenticate()]: [INFO] SLS reports logging protocol version (4)
Fri Dec 23 17:58:38 2016 [jlcache/MonitorCache]: Exception while preparing to send data to server: Connection refused
Fri Dec 23 17:58:47 2016 [SLSConnection.authenticate()]: [INFO] SLS reports logging protocol version (4)
Fri Dec 23 17:59:19 2016 [jlogevent]: Using primary Secure Log Server 10.8.8.34.
Fri Dec 23 17:59:19 2016 [SLSConnection.authenticate()]: [INFO] SLS reports logging protocol version (4)
server0.0.log
Code:
Fri Dec 23 17:56:10 BRST 2016|INFO|Thread-4665|esecurity.ccs.comp.evtsrcmgt.connector.auditserver.AuditX509TrustManager.<init>
        Setting the trust level for the audit connector to OPEN
Fri Dec 23 17:56:10 BRST 2016|INFO|NetIQ OneSSO (/10.8.64.10:41510)|esecurity.ccs.comp.audit.AuditLogger.execute
        Audit High:: Action by the system via Sentinel service Server object Audit Connector method NewConnection client Unknown failed : A new application NetIQ OneSSO from machine 10.8.64.10 made
 a connection with the Audit Event Source Server: Audit Server (ID D892E9F0-3CA7-102B-B598-005056C00005).
Fri Dec 23 17:56:10 BRST 2016|INFO|NetIQ OneSSO (/10.8.64.10:41510)|esecurity.ccs.comp.evtsrcmgt.connector.auditserver.AuditConnectorServer.alertNewConnection
        Audit Server (ID D892E9F0-3CA7-102B-B598-005056C00005): Received new event source from machine 10.8.64.10:NetIQ OneSSO
Fri Dec 23 17:56:13 BRST 2016|INFO|Thread-4666|esecurity.ccs.comp.evtsrcmgt.connector.auditserver.AuditX509TrustManager.<init>
        Setting the trust level for the audit connector to OPEN
Fri Dec 23 17:56:13 BRST 2016|SEVERE|Thread-4666|esecurity.ccs.comp.evtsrcmgt.connector.auditserver.DeviceSensorAuditListener$LEngine.sendClient
        /10.8.64.10:41512: Error encountered in sendClient(1): javax.net.ssl.SSLHandshakeException: SSLv2Hello is disabled
Fri Dec 23 17:56:13 BRST 2016|SEVERE|Thread-4666|esecurity.ccs.comp.evtsrcmgt.connector.auditserver.DeviceSensorAuditListener$LEngine.sendClient

        javax.net.ssl.SSLHandshakeException: SSLv2Hello is disabled
                at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:637)
                at sun.security.ssl.InputRecord.read(InputRecord.java:527)
                at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
                at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
                at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
                at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
                at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:138)
                at java.io.DataOutputStream.write(DataOutputStream.java:88)
                at esecurity.ccs.comp.evtsrcmgt.connector.auditserver.DeviceSensorAuditListener$LEngine.sendClient(DeviceSensorAuditListener.java:949)
                at esecurity.ccs.comp.evtsrcmgt.connector.auditserver.DeviceSensorAuditListener$LEngine.handle_LE_CMD_STARTTLS(DeviceSensorAuditListener.java:666)
                at esecurity.ccs.comp.evtsrcmgt.connector.auditserver.DeviceSensorAuditListener$LEngine.performHandShake(DeviceSensorAuditListener.java:607)
                at esecurity.ccs.comp.evtsrcmgt.connector.auditserver.DeviceSensorAuditListener$LEngine.run(DeviceSensorAuditListener.java:462)

Fri Dec 23 17:56:13 BRST 2016|INFO|Thread-4667|esecurity.ccs.comp.evtsrcmgt.connector.auditserver.AuditX509TrustManager.<init>
        Setting the trust level for the audit connector to OPEN
Machines with eDir/IDM only there is no error, but this one with UserAPP causes it.