Thanks for your response, Santiago!
So the target system is actually a pfSense router (FreeBSD 10.3 based) and the main problem I have is that the logs are not in plaintext format - they use a "clog" format instead which OSSEC can't read. The only workaround at the moment is to run a local Syslog server on the router and log everything to localhost to get the logs in plaintext - I hate the idea of this really :)
However, I do have the option of sending the logs via Syslog to the OSSIM server directly but this bypasses OSSEC.
Your point about encryption and authentication is a good one but this won't be an issue for me as the link between the OSSIM server and OSSEC client is a physically separate, cabled interface used only for that purpose. I also don't need e-mail notifications or active response.
That being said, do I still lose something by not sending the logs to the OSSEC client first? In particular you mentioned: "detecting possible security issues, misconfigurations, errors". Are you saying that OSSIM is unable to give me the same functionality when sending the logs from the client directly to the server via Syslog?
Is it still worth the effort setting up the local Syslog workaround I mentioned above to be able to have the OSSEC client parse the local logs?
I appreciate your continued help.