Our nginx TLS terminators are currently patched with a custom-written patch that adds udp2log logging support.
This is unmaintained, buggy (e.g. with regards to sequence number generation) and needs porting to each newer nginx version (and requires us to ship custom packages).
I remember hacking on it and fixing some bugs my second week at the foundation and people telling me to let it go as it was going away "soon". Almost three years ago have passed and we still have it, for reasons that still aren't clear to many people including myself.
We're moving to a much newer nginx version (1.6.x looks like) very soon, so it'd be nice to either deprecate the stream entirely, or falling to do that, properly architecture it and assign it a maintainer. This conversation is a blocker for a couple of quarterly goals for SRE so we should figure this out very soon.