UDP/514 is the correct destination port for syslog traffic, but if I recall correctly the source port is supposed to be 514 as well and it is 57460 in your case which is causing the traffic be flagged by IPS. Changing the source port to 514 on the sending system should resolve this.
If that is not feasible, there doesn't seem to be a way to add acceptable custom source ports to IPS for that syslog signature that I can see, so your best course of action here is probably an exception against this specific IPS signature for the sending server.
Attend my 60-minute "Be your Own TAC: Part Deux" Presentation
Exclusively at CPX 2025 Las Vegas Tuesday Feb 25th @ 1:00pm