Mahim, Call Home is a part of IOS like the Syslog daemon. When enabled, Call Home uses EEM to watch for specific syslog message and report those directly back to Cisco. There is no external component that could be configured to run on the customers syslog server.
I'm not sure what the customer's security question is, but let me suggest a few options:
If the customer wants to filter messages, adjust the severity level or set a filter on the syslog alert group in the Call Home configuration.
If the customer is simply interested in knowing when messages are sent, use a Transport Gateway. The Transport Gateway is an optional proxy server that will log every message sent back to Cisco.
Or, if they want to inspect every message, they have a coule of options. If they want to inspect every message before it is sent, disable automatic forwarding in the Transport Gateway. Every message will be held in the gateway until inspected and manually released. Or, if they simply want to audit messages, make a copy of the CiscoTAC-1 profile with a local email destination. That email address will get a raw copy of every message sent back to Cisco.