Some of VIP EG's server.log messages sent to SIEM via syslog were received in multiple lines per record as opposed to a single line.

For instance:

VIP Enterprise Gateway validation server syslog to Devo SIEM

Packet capture indicated that there was a '\n' (new line) in the midst of the record: 

465    6.787488    {IPaddr}    {IPaddr}    Syslog    226    LOCAL0.WARNING:  WARNING "2025-01-13 15:28:34.453 GMT+1100"  0.0.0.0 checkpointvalserver:1812 0 0 18517 "text=VSDS_GetUserDN_Ext call FAILED with status 1001 in 1 User Store\n" Thread-9820 tokenbinding.cpp\n

The workaround solution is to configure the SIEM to ignore the '\n'.
This issue is also resolved by upgrading to VIP Enterprise Gateway version 9.11.1 to addresses this issue and is now available via LiveUpdate or manual update (download from VIP Manager).