Yes, that should work just fine. I run a box with 4 syslog instances and they all place nice together. My setup isnt exactly the same, but I have no problems which you are experiencing. My setup: I have a master syslog-ng process that does nothing but accept connections from remote hosts and from the local system. That process then relays the messages to other local syslog-ng processes which do the actual work (lots and lots of parsing).
I only included the options and source sections as theyre the only ones that matter.

Master syslog-ng process that accepts from local & remote & forwards to other local processes
@version: 3.0
# syslog-ng configuration file.
#
# This should behave pretty much like the original syslog on RedHat. But
# it could be configured a lot smarter.
#
# See syslog-ng(8) and syslog-ng.conf(5) for more information.
#

options {
    time_reopen(1);
    use_dns(no);
    use_fqdn(yes);
    keep_hostname(yes);
    create_dirs(yes);
    perm(0644);
    dir_perm(0755);
    log_iw_size(50000);
    log_fifo_size(100000);
    #time_sleep(1);
};

source s_sys {
    file("/proc/kmsg" program-override("kernel"));
    unix-stream ("/dev/log");
    internal();
};
source s_net {
    tcp(ip(0.0.0.0) port(514) max-connections(1000));
    udp(ip(0.0.0.0) port(514));
};

syslog-ng that accepts the forwarded messages
@version: 3.0
# syslog-ng configuration file.
#
# This should behave pretty much like the original syslog on RedHat. But
# it could be configured a lot smarter.
#
# See syslog-ng(8) and syslog-ng.conf(5) for more information.
#

options {
    time_reopen(1);
    long_hostnames(off);
    use_dns(no);
    use_fqdn(no);
    keep_hostname(yes);
    create_dirs(yes);
    perm(0644);
    dir_perm(0755);
    #log_fetch_limit(100000);
    #log_iw_size(200000);
    #log_fifo_size(400000);
    flush_lines(50);
    flush_timeout(5000);
    #stats_freq(10);
    #stats_level(2);
    #time_sleep(1);
};


source s_master {
    #syslog(ip(127.0.0.1) port(515) transport('tcp') so_keepalive(yes) log_iw_size(1000));
    tcp(ip(127.0.0.1) port(515) flags('syslog-protocol'));
};
source s_syslog {
    internal();
};









Sent: Saturday, June 26, 2010 6:08:42 PM
From: John R. Dunning <jrd@jrd.org>
To: syslog-ng@lists.balabit.hu
Subject: [syslog-ng] Two instances of syslog-ng on the same host? 
Hi wizards.  Apologies if this is an FAQ or something, but I've dug
all around and failed to find the answer.

I have a system on which, for reasons I'd rather not go into here, it
makes sense to run two instances of syslog-ng, one for standard
logging of local events, the other acting as a proxy for a flock of
other systems.

The proxy starts first, very early in the init sequence, the regular
one starts later.

This all worked great with syslog-ng 2, but I recently upgraded to
version 3.1.1 and I can't get it to work correctly.  The proxy
instance is supposed to only be listening on a tcp socket, but it
seems to also be opening the AF_UNIX socket to /dev/log.  This causes
the launch of the main instance to fail.

I've been through the docs, but it's not obvious to me how to get
syslog-ng to start without opening the socket to /dev/log.  Hints?
Thanks in advance...
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.campin.net/syslog-ng/faq.html