From your screenshot, I see you have restarted syslogd on 10.1.1.31.
Have you edited the /etc/syslog.conf file on 10.1.1.31 correctly?
Please run "cat -t /etc/syslog.conf". It should output something like this:
$ cat -t /etc/syslog.conf
# @(#)B11.23_LR
#
# syslogd configuration file.
#
# See syslogd(1M) for information about the format of this file.
#
mail.debug^I^I/var/adm/syslog/mail.log
*.info;mail.none^I/var/adm/syslog/syslog.log
*.alert^I^I^I/dev/console
*.alert^I^I^Iroot
*.emerg^I^I^I*
*.debug^I@10.11.22.33
The "cat -t" command replaces the normally space-like TAB characters with "^I"s. There should be at least one ^I on each non-blank non-comment line between the message selector part and the log destination part. You should have the IP address of your Windows server instead of 10.11.22.33.
The *.* syntax works with most syslog daemons, but you might try using *.debug instead... maybe I'm confusing HP-UX with Linux or some other Unix, and HP-UX requires using *.debug to mean "absolutely everything". The above file is copied from a HP-UX 11.23 system that is successfully sending syslog messages to a remote destination.
After you've verified this (and restarted the syslog daemon again if you had to make any changes), you should use the "logger" command to generate a new syslog message or two. For example:
logger -i "test syslog message"
MK
