out_syslog: address invalid configurations on in syslog

[cosmo0920]

We need to notify UDP with TLS settings is not supported on the current master of Fluent Bit code base.

Closes #11703.

---

Enter [N/A] in the box, if an item is not applicable to your change.

Testing
Before we can approve your change; please submit the following in a comment:

• Example configuration file for the change
• Debug log output from testing the change

• Attached Valgrind output that shows no leaks or memory corruption was found

If this is a change to packaging of containers or native binaries then please confirm it works for all targets.

• Run local packaging test showing all targets (including any new ones) build.
• Set ok-package-test label to test for all targets (requires maintainer to do).

Documentation

• Documentation required for this feature

Backporting

• Backport to latest stable release.

---

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

Summary by CodeRabbit

• Bug Fixes

  • Syslog output now validates and rejects configurations combining UDP mode with TLS encryption, returning an error at startup.

• Documentation

  • Updated syslog mode option description to clarify that DTLS over UDP is unsupported.

[coderabbitai]

📝 Walkthrough

Walkthrough

The syslog plugin now rejects configurations where UDP mode is combined with TLS, preventing silent fallback to unencrypted communication. Configuration validation was added to emit an error and prevent startup, documentation was updated to clarify the limitation, and a test was added to verify the behavior.

Changes

Cohort / File(s)	Summary
Configuration Validation plugins/out_syslog/syslog_conf.c	Added validation logic to flb_syslog_config_create() that rejects configurations with mode=udp and TLS enabled, destroys the partial config context, and returns NULL to prevent startup.
Documentation Update plugins/out_syslog/syslog.c	Updated the mode configuration property description to clarify that DTLS over UDP is not supported by this plugin.
Test Coverage tests/runtime/out_syslog.c	Added new runtime test flb_test_udp_mode_rejects_tls() that verifies flb_start() fails when syslog is configured with mode=udp and tls=on.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

• koleini

Poem

🐰 A syslog that whispers in plain UDP light,
Now says "no TLS here, this config's not right!"
We fail fast and clear, no silence or stealth,
Your secrets stay encrypted for digital health. ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	The PR successfully implements the requirement from issue #11703 by rejecting UDP+TLS configurations, adding validation logic and tests.
Out of Scope Changes check	✅ Passed	All changes are directly related to the issue: config validation, documentation updates, and test coverage for the UDP+TLS rejection feature.
Title check	✅ Passed	The title 'out_syslog: address invalid configurations on in syslog' is partially related to the main change but contains unclear phrasing ('on in syslog' appears to be a typo or error). The core concept—addressing invalid syslog configurations—aligns with the changeset, which rejects UDP+TLS configurations and updates documentation.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch cosmo0920-address-invalid-requirements-on-in_syslog

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}