doing this with a serial line doesn't work nowdays because the serial line isn't fast enough.
I've created such systems, both with serial lines and with static arp entries and modified 100Mb ethernet cables that only allow traffic to go one way through the wire.
I've also created similar systems that have the logs sent out over the wire to a static arp entry and then use a Gig-E network tap to pull traffic going in one direction and send it to a machine (the tap makes the connection one-directional)
This is pretty trivial to do with opensource on commodity (or at least very readily available) hardware.
In practice, very few people want to go to this much effort, even if pretty high security situations.
it's also worth noting that if you start filtering logs, you need to hash/seal/sign each output stream separately, and such logs don't work well when you then start sending the logs to a remote system.