diff --git a/t/syslog_rfc5424.t b/t/syslog_rfc5424.t
index 724973785..209f83961 100644
--- a/t/syslog_rfc5424.t
+++ b/t/syslog_rfc5424.t
@@ -26,7 +26,7 @@ select STDOUT; $| = 1;
 
 plan(skip_all => 'win32') if $^O eq 'MSWin32';
 
-my $t = Test::Nginx->new()->has(qw/http/)->plan(21);
+my $t = Test::Nginx->new()->has(qw/http/)->plan(23);
 
 ###############################################################################
 
@@ -69,6 +69,12 @@ http {
                 syslog:server=127.0.0.1:%%PORT_8982_UDP%%,rfc=rfc5424,tag=my-app,facility=user;
         }
 
+        # RFC 5424 access log with explicit msgid=
+        location /a5424_msgid {
+            access_log syslog:server=127.0.0.1:%%PORT_8982_UDP%%,rfc=rfc5424,msgid=MYAPP
+                       logf;
+        }
+
         # RFC 3164 access log — verify backward compatibility
         location /a3164 {
             access_log syslog:server=127.0.0.1:%%PORT_8983_UDP%% logf;
@@ -128,6 +134,18 @@ my ($pri) = $msg =~ /^<(\d+)>/;
 my $fac = ($pri & 0x03f8) >> 3;
 is($fac, 1, 'rfc5424: facility=user (1) encoded in PRI');
 
+# RFC 5424 MSGID field: explicit msgid= value appears in position 6 of the header
+
+$msg = get_syslog($s5424, '/a5424_msgid');
+my ($msgid_field) = $msg =~ /^<\d+>1\s\S+\s\S+\s\S+\s\d+\s(\S+)\s/;
+is($msgid_field, 'MYAPP', 'rfc5424: explicit msgid= appears in MSGID field');
+
+# Without msgid=, the MSGID field defaults to nil "-"
+
+$msg = get_syslog($s5424, '/a5424');
+($msgid_field) = $msg =~ /^<\d+>1\s\S+\s\S+\s\S+\s\d+\s(\S+)\s/;
+is($msgid_field, '-', 'rfc5424: default MSGID is nil "-"');
+
 # Global error_log uses rfc5424 — check via background-daemon log file
 
 http_get('/a5424');
diff --git a/t/syslog_rfc5424_config.t b/t/syslog_rfc5424_config.t
index 8c13b6044..89dade6e7 100644
--- a/t/syslog_rfc5424_config.t
+++ b/t/syslog_rfc5424_config.t
@@ -105,6 +105,35 @@ like($out, qr/tag length exceeds 48/, 'rfc5424: 49-char tag rejected');
 $out = config_check("syslog:server=127.0.0.1:5140,rfc=rfc3164,tag=$tag49");
 like($out, qr/tag length exceeds 48/, 'rfc3164: 49-char tag rejected');
 
+# msgid= is accepted with rfc=rfc5424.
+
+$out = config_check('syslog:server=127.0.0.1:5140,rfc=rfc5424,msgid=MYAPP');
+like($out, qr/test is successful/i, 'rfc5424: msgid= accepted');
+
+# msgid= without rfc=rfc5424 must be rejected.
+
+$out = config_check('syslog:server=127.0.0.1:5140,msgid=MYAPP');
+like($out, qr/requires rfc=rfc5424/, 'msgid= without rfc5424 rejected');
+
+# msgid= with a non-ASCII byte (>0x7E) must be rejected.
+# Space cannot be tested this way because nginx's config parser splits on
+# whitespace before syslog parsing sees the value.
+
+$out = config_check("syslog:server=127.0.0.1:5140,rfc=rfc5424,msgid=MY\xc3APP");
+like($out, qr/printable US-ASCII/, 'msgid= with non-ASCII byte rejected');
+
+# msgid= must not exceed 32 characters.
+
+my $msgid33 = 'x' x 33;
+$out = config_check("syslog:server=127.0.0.1:5140,rfc=rfc5424,msgid=$msgid33");
+like($out, qr/msgid length exceeds 32/, 'msgid= 33-char rejected');
+
+# A 32-character msgid is within the limit and must be accepted.
+
+my $msgid32 = 'x' x 32;
+$out = config_check("syslog:server=127.0.0.1:5140,rfc=rfc5424,msgid=$msgid32");
+like($out, qr/test is successful/i, 'msgid= 32-char accepted');
+
 done_testing;
 
 ###############################################################################