Hi
splunk event receive syslog ,but it didn'nt appear msg type.
for example
kiwisyslog or 3cdemon
splunk only display "Message"
thank you
That is expected behaviour.
Syslog will only send the "Message" - what you are showing in your screenshot is how your syslog server renders the data for you.
Side Note: I would be a bit alarmed that your syslog server appears to receive the message 14 -17 seconds before the client has sent it!
I'm not familiar with the tool pictured, but it might suggest you have a time sync issue to deal with.