Hello,

We have an issue where Identity Applications (User Application) doesn't
send audit events to SLM for IGA.
On the same Tomcat we are also running OSP and SSPR and they are logging
to SLM for IGA.

We have upgraded a customer running IDM 4.5.5 to 4.6.0 and then directly
to 4.6.2.
We have uninstalled Sentinel EAS and installed SLM for IGA on a new server.
On the Identity Applications server we have edited /etc/logevent.conf
and it points to the SLM for IGA server.

When we start Tomcat we see this in the /var/opt/novell/naudit/nproduct.log

Thu Feb 01 16:21:56 2018 [jlogevent]: Using primary Secure Log Server
xx.xx.xx.xx.^M
Thu Feb 01 16:21:56 2018 [jlcache]: Using the default CacheDir
/var/opt/novell/naudit/jcache^M
Thu Feb 01 16:21:56 2018 [jlcache]: [INFO] However you can configure
this in the logevent.conf file as JLogCacheDir=<path>^M
Thu Feb 01 16:21:56 2018 [jlcache]: Using the default CachePort 1287^M
Thu Feb 01 16:21:56 2018 [jlcache]: [INFO] However you can configure
this in the logevent.conf file as JLogCachePort=<port_number>^M
Thu Feb 01 16:22:06 2018 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (5)^M
Thu Feb 01 16:22:06 2018 [SLSConnection.authenticate()]: [INFO] sending
application name NetIQ OneSSO^M
Thu Feb 01 16:22:07 2018 [SLSConnection.authenticate()]: [INFO] SLS
reports logging protocol version (5)^M
Thu Feb 01 16:22:07 2018 [SLSConnection.authenticate()]: [INFO] sending
application name NetIQ OneSSO^M
Thu Feb 01 16:22:27 2018 [jlogevent]: Using primary Secure Log Server
xx.xx.xx.xx.^M
Thu Feb 01 16:22:27 2018 [jlogevent]: Error:
com.novell.naudit.logevent.LogEventException: Error creating certificate: ^M
Invalid PEM private key specification.
at com.novell.naudit.logevent.LogEvent.doLogOpen(LogE vent.java:302)
at com.novell.naudit.logevent.LogEvent.logOpen(LogEve nt.java:99)
at com.novell.naudit.LogEvent.LogOpen(LogEvent.java:2 08)
at
com.netiq.logging.NauditAppenderSkeleton.start(Nau ditAppenderSkeleton.java:86)
at com.netiq.logging.LogManager.configure(LogManager. java:169)
at
com.novell.srvprv.spi.util.servlet.LogConfigurator .initialize(LogConfigurator.java:104)
at
com.novell.srvprv.spi.util.servlet.LogConfigurator .init(LogConfigurator.java:83)
at
com.sssw.fw.servlet.InitListener.contextInitialize d(InitListener.java:128)
at
org.apache.catalina.core.StandardContext.listenerS tart(StandardContext.java:4745)
at
org.apache.catalina.core.StandardContext.startInte rnal(StandardContext.java:5207)
at
org.apache.catalina.util.LifecycleBase.start(Lifec ycleBase.java:150)
at
org.apache.catalina.core.ContainerBase.addChildInt ernal(ContainerBase.java:752)
at
org.apache.catalina.core.ContainerBase.addChild(Co ntainerBase.java:728)
at
org.apache.catalina.core.StandardHost.addChild(Sta ndardHost.java:734)
at
org.apache.catalina.startup.HostConfig.deployWAR(H ostConfig.java:988)
at
org.apache.catalina.startup.HostConfig$DeployWar.r un(HostConfig.java:1860)
at
java.util.concurrent.Executors$RunnableAdapter.cal l(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.jav a:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker( ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.IllegalArgumentException: Invalid PEM private key
specification.
at com.novell.naudit.util.Util.getPrivateKeySpec(Util .java:409)
at com.novell.naudit.logevent.LogEvent.doLogOpen(LogE vent.java:297)
... 20 more
^M
Thu Feb 01 16:24:06 2018 [jlogevent]: Switching application DirXML to
cache.^M
Thu Feb 01 16:24:06 2018 [jlcache]: Exception adding log application,
DirXML: null^M
Thu Feb 01 16:24:06 2018 [jlcache]: ClientThread: error adding app for:
DirXML^M
Thu Feb 01 16:24:06 2018 [jlogevent]: Exception while preparing cache:
null^M
Thu Feb 01 16:24:06 2018 [jlogevent]: Failed to connect to cache for
application %s, DISABLING cache mode.^M
Thu Feb 01 16:24:06 2018 [jlogevent]: All log channels have failed.
Stopping logging of events for application DirXML.^M
Thu Feb 01 16:24:06 2018 [jlcache]: Exception adding log application,
DirXML: null^M
Thu Feb 01 16:24:06 2018 [jlcache]: ClientThread: error adding app for:
DirXML^M
Thu Feb 01 16:24:06 2018 [jlogevent]: Exception while preparing cache:
null^M
Thu Feb 01 16:24:06 2018 [jlogevent]: Failed to connect to cache for
application %s, DISABLING cache mode.^M

We have the following appenders in the
/opt/netiq/idm/apps/tomcat/conf/idmuserapp_logging.xml file:

<appenders>
<!-- CONSOLE and FILE appender are defined in jboss-log4j.xml -->
<!-- Novell Audit appender -->
<appender class="com.netiq.logging.log4j.NauditLog4jAppender "
name="NAUDIT">
<param name="Threshold" value="ALL"/>
<param name="ApplicationDetail" value="DirXML"/>
</appender>
<!-- OpenXDAS appender -->
<appender class="com.netiq.logging.log4j.XDasLog4jAppender"
name="OPENXDAS">
<param name="Threshold" value="ALL"/>
</appender>
</appenders>

In the catalina.out log we see messages like this:
2018-02-01 16:52:51,530 [INFO] LogEvent [RBPM] [Workflow_Forwarded]
Initiated by System, Process ID: 1ab7610c066d4ee59407fddc1f773b62,
Process Name:
cn=modifyuser,cn=requestdefs,cn=appconfig,cn=ua,cn =driverset,o=system:2245,
Activity: Activity7, Recipient:
cn=uaadmin,ou=System,ou=Active,ou=Identities,ou=Me ta,o=XX
log4j:ERROR Logging to NetIQ Sentinel failed.

Any ideas on how to troubleshoot this?

Thanks!