Well apparently I'm not allowed to post in v7.10 and 7.10.1 [stable] is released!
It was posted there.
Anyway, to answer your question.
I'm running rsyslog log on ubuntu and receiving logs from my firewall and and my Mikrotik
Model CRS309-1G-8S+ running RouterOS 7.10.2
This is what I'm seeing in my logs
7/12/23 7:58 PM WatchGuard-XTM firewall msg_id="3000-0151" Allow 3-LAN-1 0-WAN-1 udp 192.168.0.12 17.253.2.253 54118 123 duration="30" sent_bytes="76" rcvd_bytes="0" (NTP Server-00)
7/12/23 7:58 PM WatchGuard-XTM https-proxy[1639] msg_id="2CFF-0000" Allow 3-LAN-1 0-WAN-1 tcp 192.168.0.10 23.197.193.219 48954 443 msg="HTTPS Request" proxy_act="Default-HTTPS-Client" tls_profile="TLS-Client-HTTPS.Standard" tls_version="TLS_V12" sni="sam.disco.peacocktv.com" cn="peacocktv.com" cert_issuer="CN=Entrust Certification Authority - L1K,OU=(c) 2012 Entrust\x5c, Inc. - for authorized use only,OU=See
www.entrust.net/legal-terms,O=Entrust\x5c, Inc.,C=US" cert_subject="CN=peacocktv.com,O=NBCUniversal Media\x5c, LLC,L=New York,ST=New York,C=US" action="allow" app_id="0" app_cat_id="0" sent_bytes="10540" rcvd_bytes="10540" (HTTPS-proxy-00)
7/12/23 7:58 PM MikroTik rx src 92.168.0.252 dst:192.168.0.2
7/12/23 7:58 PM MikroTik CLIENT message received
7/12/23 7:58 PM MikroTik tx dst 92.168.0.252
7/12/23 7:58 PM WatchGuard-XTM firewall msg_id="3000-0148" Allow 3-LAN-1 0-WAN-1 56 udp 20 63 192.168.0.252 208.38.65.37 59147 53 (DNS-00)
7/12/23 7:58 PM WatchGuard-XTM firewall msg_id="3000-0151" Allow 3-LAN-1 0-WAN-1 udp 192.168.0.252 64.80.255.240 51002 53 duration="30" sent_bytes="60" rcvd_bytes="0" (DNS-00)
It should be 192.168.0.252
Thanks
P.S. I can't attach a syslog file ( http error )