SCO UNIX Syslogs - Only partial information
I'm curious as to what syslog information should be captured from SCO. I have two SCO boxes sending syslogs to the EventLogAnalyzer server; however, all the log information they are sending is not getting entered into the EventLogAnalyzer logs.
For your information, in the syslog.conf file, I have *.debug going to the syslog server.
To test, I captured traffic between the SCO boxes and the EventLogAnalyzer server, and then restarted the syslog daemon a few times and created a password failure event. According to my packet capture, all traffic was received from the SCO boxes by the EventLogAnalyzer server, but the entries were not reflected in the logs.