As per RFC6587 one of our server sending TCP syslog message to syslog server, but wireshark not decoding properly.
TCP-DATA = *SYSLOG-FRAME
SYSLOG-FRAME = MSG-LEN SP SYSLOG-MSG ; Octet-counting
; method
Example: following is the tcp data, "95 <30>1 2018-08-01T11:12:29.276656-06:00 hilldale systemd 1 - - Started System Logging Service."
wireshark showing as "Syslog message: (unknown):"