[syslog-ng] syslog-ng incorrectly parsing some messages

[Crayola]

I am running syslog-ng 1.8.6 on my central syslog server. 
The syslog clients run standard syslog daemons that come 
with the operating systems. Solaris, Cisco, etc. 

I have noticed in my syslog-ng database (mysql) that there are 
many entries like these.  (two separate rows)

| 192.168.11.27  | kern     | info     | info    | 06   | 2005-11-05 | 
 22:37:20 | scsi | scsi: [ID 365881 kern.info] /sbus at 2,0/QLGC,isp at 1,10000 
(isp0): | 512925 |

-------------------------------------------------------------------------

|       Firmware      | kern     | info     | info    | 06   | 2005-11-05 
| 22:37:20 | Version         | Version: v1.37.5, Customer: 15, Product: 0
| 512926 |

These seem to be the result of syslog-ng incorrectly (or the remote client)
parsing the syslog message. 

This is the original syslog messages that the Solaris 9 client 
logs to its logs. 

Nov  5 22:37:20 lefou scsi: [ID 365881 kern.info] /sbus at a,0/QLGC,isp at 1,10000
(isp1):
Nov  5 22:37:20 lefou   Firmware Version: v1.37.5, Customer: 15, Product: 0

As you can see the original is two separate messages as well but what gets 
logged to syslog-ng's database doesn't contain the hostname for the second
message. 
In the second entry.. the hostname is listed as "Firmware" 

I have found many examples of these multiline messages being parsed
incorrectly 
if you need more. 

Any ideas? 

Thanks, 
Mike

Another example...

Nov  5 22:37:20 lefou scsi: [ID 365881 kern.info]
/sbus at 3,0/SUNW,fas at 3,8800000 (fas0):
Nov  5 22:37:20 lefou   rev 2.2 FEPS chip

| 192.168.11.27  | kern     | info     | info    | 06   | 2005-11-05 |
22:37:20
| scsi | scsi: [ID 365881 kern.info] /sbus at 3,0/SUNW,fas at 3,8800000 (fas0): |
512932 |

| rev | kern | info     | info    | 06   | 2005-11-05 | 22:37:20 | | 2.2
FEPS chip
| 512933 |