I have not seen anything about Graylog receiving binary… Documentation suggests using tcpdump to a text file and you could have filebeat or nxlog pick up the results.
I suppose you could have tcpdump go directly to a raw input, never tried it. You would be held to process out whatever tcpdump gives you in an extractor or pipeline. If you put it to text file, nxlog/beat can do some preprocessing before sending to Graylog… depending on the number of clients and volume of data, distributing it that way may be preferable. Writing something to specifically take binary would be interesting if you are into that kind of thing…