How does Multi-line work with Syslog Sources?

Sumo Logic does not provide any options for multi-line detection within Syslog Sources. For Syslog messages received over UDP Sumo Logic will treat all content contained within a single Syslog request as a single message.

With TCP Sumo Logic will treat each line within a request as a new message. Because TCP is a stream the Collector will flush a message whenever a line feed is detected.