The syslog output is actually a community plugin so we have limited ability to support troubleshooting.
Luckily syslog is basically just a udp message with a timestamp and the hostname in it.
You could try switching to the udp output via
udp {
host => "localhost"
port => 3001
codec => plain {
format => "%{message}"
}
}