Some of VIP EG's server.log messages sent to SIEM via syslog were received in multiple lines per record as opposed to a single line.

For instance:

VIPEG validation server syslog to Devo SIEM

Packet capture indicated that there was a '\n' (new line) in the midst of the record: 

465    6.787488    {IPaddr}    {IPaddr}    Syslog    226    LOCAL0.WARNING:  WARNING "2025-01-13 15:28:34.453 GMT+1100"  0.0.0.0 checkpointvalserver:1812 0 0 18517 "text=VSDS_GetUserDN_Ext call FAILED with status 1001 in 1 User Store\n" Thread-9820 tokenbinding.cpp\n

The solution is to configure the SIEM to ignore the '\n'.
If this is not possible, the patch 9.11.1 addresses this issue and is now available via LiveUpdate or manual update (download from VIP Manager).