Thank you for responding so quickly Vinay.

I am using a multitude of syslog daemons, from syslog, syslog-ng, 
rsyslog, and several different proprietary SIEM/SEM Log archiving 
appliances.  I work in the security sector.

(Yes I have read Rainer before, its actually a big reason I am writing 
the tool that I am working on. Gaps in logs are a real world problem!) 

Regarding issue 6444, these users are attempting to use SysLogHandler to 
write to the local system's syslog sockets. A way of piggy backing on 
the configuration of the local systems logging daemon.

What I am actually doing is ignoring the local systems syslog, and 
sending the syslog packets directly to a remote syslog server. This is 
to replay syslog data that may have been previously lost due to 
connectivity outages.  My tool can also be used to send the data to an 
external server for forensic reasons.

I believe the answer to your last question also sheds light on your 
first question!

The reason that I am looking to add TCP is because a lot of new data 
center architectures are heavily utilizing tcp syslog in a chained / 
centralized environment.  I am also seeing a lot of preferential 
treatment of tcp syslog on logging appliances such as Loglogic.

I am sorry to hear that your test environment is lacking the regression 
suites that you need.

I do hope that another commiter can test for us.  Syslog is an old 
technology and I hope that more efforts like mine and Rainer's can help 
to identify and correct deficiencies in the design.