Default Log Format / ensure using a parameter="value" format eveywhere
I'm "playing" a lot with my Firebox Logs actually and i'm very upset by the Log format provided by my firewalls, it's so inconsistent ;-((
It's so difficult to integrate into a SIEM (Splunk for example) because field extraction is not easy when name of the important field is not provided when using a remote syslog server.
Why don't you provide a way to send logs using a parameter="value" format for each field ? This can be enabled (not by default) in the Traffic monitor + ensure any string containing space character is sent between quotes also (example : if you use an interface name with space into it...i know, it's bad, but sometime you didn't choose it initially...)
Please add it to your roadmap to help us win some time during integration and analysis of our logs.