===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/etc/syslog.conf,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- src/etc/syslog.conf	2016/12/27 13:38:14	1.20
+++ src/etc/syslog.conf	2021/10/13 20:34:03	1.21
@@ -1,4 +1,4 @@
-#	$OpenBSD: syslog.conf,v 1.20 2016/12/27 13:38:14 jca Exp $
+#	$OpenBSD: syslog.conf,v 1.21 2021/10/13 20:34:03 sthen Exp $
 #
 
 *.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none	/var/log/messages
@@ -22,13 +22,11 @@
 # Everyone gets emergency messages.
 #*.emerg							*
 
-# Uncomment to log to a central host named "loghost".  You need to run
-# syslogd with the -u option on the remote host if you are using this.
-# (This is also required to log info from things like routers and
-# ISDN-equipment).  If you run -u, you are vulnerable to syslog bombing,
-# and should consider blocking external syslog packets.
-#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none	@loghost
-#auth,daemon,syslog,user.info;authpriv,kern.debug		@loghost
+# Uncomment to log to a central host named "loghost" using syslog-tls.
+# You need to run syslogd with the -S option on the remote host if you
+# are using this.
+#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none	@tls://loghost
+#auth,daemon,syslog,user.info;authpriv,kern.debug		@tls://loghost
 
 # Uncomment to log messages from doas(1) to its own log file.  Matches are done
 # based on the program name.