It is possible that there are more than one way to do this, but using a virtual router I had in my GNS3 lab this is all I did:
I added a DNS record for the device.
You can test this by checking your DNS information for your "one working" device and see if there's a DNS record. Otherwise if they're the same make and model you might be able to review the running config to see what's set there that isn't.
The reason I say this is that my syslog data still shows the IP address in the raw logs in checklogs. I believe Cisco has the ability to set the source IP information to hostname as well, but I didn't see it from a brief search. The DNS record was enough for me to achieve the results, but you can likely get the same by changing settings on your Cisco device directly so that it sends the hostname instead of IP.
In case you haven't used checklogs before:
Use the CMC checklogs command to display log files - SolarWinds Worldwide, LLC. Help and Support
PS:
It looks like the command is in this Thwack link from last year:
Play around with it in your environment and test if you can. From my testing it doesn't appear to replace the DetectionIP, but will be shown as the Node Name on the Manage -> Nodes view in the Web Console.