Folks, if you're not too busy testing 1.4alphas and betas, please have a
look at a new syslogd I've been working on for the last year or so.  It's
meant to be a "drop in" replacement for the current syslogd: it supports
a newer and more complex configuration file but still supports the old
and fails over to the old format if it has trouble parsing its input.
i.e. don't expect it to be any "smaller" or "faster".

The main features of the rewrite are:
* complete control over what ports do and don't get opened for receiving
  of log messages;
* new, more flexible and powerful configuration file format;
* TCP connections for transferring messages (accept/deny controlled
  through libwrap);
* hash logs providing the means to detect log file tampering as well
  as attempts to data transfered over the network.

Other knobs added:
* control of how often fsync(2) is called;
* control of displaying "repeated message" or log every messages;
* inclusion of facility & priority in log messages.

Presently, it even has man pages (:-) for itself (nsyslogd), the
configuration file and log checker.

Currently, encryption is NOT performed :/  I'm not sure whether or not
to just try and fit it with SSL or do it in its own way (key management
is a concern, of course) or recommend using it with ssh or ...

http://coombs.anu.edu.au/~avalon/nsyslog.html

Darren