Syslog format definitions of Sophos Central managed Accesspoints

: we have enabled syslog for our Sophos Cloud managed APX.

To work with the incoming logs and to do regex filtering I need a definition of the syslogs.

I could not find such a document online. Is there some document you can share with me?

e.g. I have such a log:

Facility daemon (3), Severity error (3)
Msg: Sep 22 05:18:48 cloudclient[1640]: status.c:348/single_log_update: Failed Single log update with json size-0, error-SSL peer certificate or SSH remote key was not OK

or this

Facility daemon (3), Severity debug (7)
Msg: Nov 23 09:00:52 cloudclient[23959]: led.c:96/set_led_mode: setting LED to 3 (unclaimed)

There was some detailled document for UTM but I cannot find this anymore.