diff --git a/docs/environment-variables.md b/docs/environment-variables.md
index 1faa291..2a19dbf 100644
--- a/docs/environment-variables.md
+++ b/docs/environment-variables.md
@@ -121,6 +121,10 @@ OpenObserve is configured through the use of below environment variables.
 | ZO_ALERT_SCHEDULE_INTERVAL           |                            | No           |  |
 | ZO_TCP_PORT                          | 5514                       | No           | TCP port for syslog  |
 | ZO_UDP_PORT                          | 5514                       | No           | UDP port for syslog  |
+| ZO_TCP_TLS_ENABLED                   | false                      | No           | Enable TLS for TCP syslog server. |
+| ZO_TCP_TLS_CERT_PATH                 |                            | No           | Path to the TLS certificate file to be used on the server. |
+| ZO_TCP_TLS_KEY_PATH                  |                            | No           | Path to the TLS key file to be used on the server. |
+| ZO_TCP_TLS_CA_CERT_PATH              |                            | No           | Path to the TLS CA certificate file to be used on the server. |
 | ZO_APP_NAME                          |                            | No           |  |
 | ZO_DEFAULT_SCRAPE_INTERVAL           |                            | No           |  |
 | ZO_CIRCUIT_BREAKER_ENABLE            |                            | No           |  |
diff --git a/docs/ingestion/logs/syslog.md b/docs/ingestion/logs/syslog.md
index fd82933..cf288c8 100644
--- a/docs/ingestion/logs/syslog.md
+++ b/docs/ingestion/logs/syslog.md
@@ -13,7 +13,7 @@ Before you can send logs to OpenObserve, you need to enable OpenObserve to act a
 OpenObserve will only accept syslog traffic from the subnets that you specify. You must specify a minimum of 3 things:
 
 - Organization
-- Stream name 
+- Stream name
 - Subnets
 
 ## Configuration
@@ -22,9 +22,18 @@ Default port: `5514`
 
 You can change the default port number using the following environment variables:
 
-* `ZO_TCP_PORT` - TCP port number to listen on. Default: `5514`
-* `ZO_UDP_PORT` - UDP port number to listen on. Default: `5514`
+- `ZO_TCP_PORT` - TCP port number to listen on. Default: `5514`
+- `ZO_UDP_PORT` - UDP port number to listen on. Default: `5514`
 
+You can also configure the TLS settings for syslog TCP server using the following environment variables:
+
+- `ZO_TCP_TLS_ENABLED` - Enable TLS for TCP syslog server. If enabled, `ZO_TCP_PORT` will be used for the TLS connection over TCP. Default: `false`
+
+If `ZO_TCP_TLS_ENABLED` is set to `true`, then ensure all the below variables are set:
+
+- `ZO_TCP_TLS_CERT_PATH` - Path to the TLS certificate file to be used on the server.
+- `ZO_TCP_TLS_KEY_PATH` - Path to the TLS key file to be used on the server.
+- `ZO_TCP_TLS_CA_CERT_PATH` - Path to the TLS CA certificate file to be used on the server.
 
 ## Testing
 
@@ -36,11 +45,12 @@ Steps:
 
 ### Clone the repo
 
-``` shell
+```shell
 git clone https://github.com/openobserve/syslog_log_generator
 cd syslog_log_generator
 ```
-### Modify the script 
+
+### Modify the script
 
 file `generate_logs.sh`
 
@@ -57,6 +67,6 @@ Modify the file with the appropriate IP address.
 ./generate_logs.sh
 ```
 
-Watch a youtube demo here: 
+Watch a youtube demo here:
 
 <iframe width="560" height="315" src="https://www.youtube.com/embed/dF1IEEY-R54?si=tW8E-LFAqGkAP4ey" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe>