TCP Rewrite Rule used in Syslog TCP

Hi Dev/Central community!

I've a SIEM with two syslog/tcp recievers (Let's name it R1 and R2). I 've created a VS to listen a 514/TCP, recieve the Syslog TCP message and send it to R1. In case R1 is down, the VS will send the Syslog TCP message to R2. As my SIEM assign a tag to each message recieved with the client IP, I need to rewrite the syslog message before send it to the R1 or R2 receivers (because I see the f5 self ip as client IP in the recievers). So, I've writed an iRule to rewrite the header of each syslog message before send it.

this is my irule so far:

when CLIENT_ACCEPTED {
    # Tomo la IP del cliente que se conecta al VS / Get the client IP connecting to the VS
    set ip_original [IP::remote_addr]
    # Tomo el Payload y la paso al siguiente nivel / Get the tcp payload to send it to Client Data
    TCP::collect
    log local0. "Client Accepted from $ip_original"
}

when CLIENT_DATA {
    set OrgininalTCPLength [TCP::payload length]
    # Primer <PRI> del payload / Try to detect <PRI> header in very first payload bytes
    regsub {^<\d+>} [TCP::payload] "\[\]\[\]\[$ip_original\]\[[clock seconds]\]\[\] " string
    # CRLF 0d0a \r\n + <PRI> / Look for another syslog message in the same TCP Payload
    regsub -all {\r\n<\d+>} $string "\r\n\[\]\[\]\[$ip_original\]\[[clock seconds]\]\[\] " string
    set len [TCP::payload length]
    TCP::payload replace 0 $len $string
    set ModifiedTCPLength [TCP::payload length]
    # Se pasa el Payload al siguiente nivel / Send the modified payload to the next level
    log local0. "Forwarindg message from $ip_original \t original length: $OrgininalTCPLength \t modified length: $ModifiedTCPLength"

    TCP::release
    #Preparo una nueva recoleccion / Get ready for a new collection
    TCP::collect
}

The iRule works like a charm, but in some very little times, it seem to doesn't rewrite the message...

Any clue/ideas/troubleshooting tips?

Regards,

Max