OK, took a bit of time to figure out how pypi works and how to make a python package but I got there in the end.
So here’s a package which does the subclassing of SysLogHandler and does the TLS configuration for the user - tlssysloghandler · PyPI
I’ve tried to keep it simple in the number of new parameters being added. Most people will only ever want to use secure=True and use the default openssl system sycertificate store, but I’ve also allowed specifying custom cafile/cadata/etc. like the SMTPHandler does and if someone really wants can pass in an SSLContext or just do unverified TLS. I’m not too fond of the last two options, too much configurability breeds bad coding practices.