[syslog-ng] Question on message parsing amd formats

[Generic Secure-Logging]

I have a question on message parsing.

From my unterstanding, if syslog-ng receives a message that is not in the
correct RFC 5424 format, it will just output it as is.

Does that mean that my application needs to generate the message in RFC
5424 format and syslog-ng will just process it?

Or can syslog-ng be configured in such a way that an application just sends
an unformatted string and syslog-ng will generate a valid RFC 5424 from it?

How are RFC 5424 structured data elements treated by syslog-ng? Can it be
configured using macros to generate them or does the application need to
send a valid mesage containing the structured data elements in the right
format?

I am using syslog-ng 3.35.1.

Regards,
Stephan
The information in this e-mail is confidential. The contents may not be disclosed or used by anyone other than the addressee. Access to this e-mail by anyone else is unauthorised.
If you are not the intended recipient, please notify Airbus immediately and delete this e-mail.
Airbus cannot accept any responsibility for the accuracy or completeness of this e-mail as it has been sent over public networks. If you have any concerns over the content of this message or its Accuracy or Integrity, please contact Airbus immediately.
All outgoing e-mails from Airbus are checked using regularly updated virus scanning software but you should take whatever measures you deem to be appropriate to ensure that this message and any attachments are virus free.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20230330/88cd2ccc/attachment.htm>