Hi bkyle and HolyGuacamole
Windows UAC was already turned off. Windows Firewall was setup to allow Kiwi Syslog Server, but I completely turned it off to try again. The server (Windows 2008 R2) is running antivirus which I cannot disable. Below are results for 8 more passes.
- Wireshark: 500 packets --> Syslog: 448 packets
- Wireshark: 500 packets --> Syslog: 403 packets
- Wireshark: 500 packets --> Syslog: 414 packets
- Wireshark: 500 packets --> Syslog: 390 packets
- Wireshark: 500 packets --> Syslog: 480 packets
- Wireshark: 500 packets --> Syslog: 496 packets
- Wireshark: 500 packets --> Syslog: 500 packets
- Wireshark: 500 packets --> Syslog: 421 packets
Considering that Wireshark is installed on the same machine as Syslog, I am puzzled as to why Syslog is not seeing the same data as Wireshark.