You have to configure syslog-ng on the clients to know about the server.
You need something like:
log { source(local_src); destination(d_messages); };
Also, keep in mind that syslog-ng can work over either tcp or udp and that Amazon's security groups would require two separate rules, one tcp and one udp, to allow both traffic types.
You can verify the syslog-ng server is listening on port 514 with
netstat -ntpl
for tcp or
netstat -nulp
for udp.