I went partway down that path, and I will offer you an alternative suggestion you may or may not prefer.

I stopped because the cisco logs, especially ASA's, can be quite large, and I wanted only a small subset. I didn't want to tie up the wide area network bandwidth transmitting them (many remote sites are on low speed circuits).

What I did instead was set up snmp traps, and on the cisco side had it write selected log entries to traps. By building a custom list I could select which items are transmitted.

On the good side this limits the messages nicely. On the bad side you need to know what messages you want before you get them (as opposed to reviewing for unexpected messages periodically).

To do what you actually request I think you need to use a different syslog server to collect the logs, and then read their files in zabbix (and/or use that tool to filter). There are a number of such products out there; I stopped short of trying to pick one so I cannot suggest one.