23 Mar 2006, 11:49 p.m.
Is anybody using syslog-ng to forward events to EIQ's "Syslog Service"?

I'm using Secure Computing's new "Security Reporter" (aka "G2SR"), a relabeled EIQ product, to process logs from multiple Sidewinder G2 firewalls. When forwarding events from syslog-ng to EIQ, their proprietary Windows syslog daemon takes the source IP address of the syslog-ng box and puts it into the resulting logfiles as the source of the event.

I'm wondering if there's a template() I can use to insert the original hostname/IP such that EIQ will respect the forwarded hostname, or if I must use source IP spoofing when forwarding to EIQ?

Thanks,
Kevin