Howto get syslog data from remote hosts split up into separate log files.
<code>
# provides UDP syslog reception
module(load="imudp")
#input(type="imudp" port="514")
input(type="imudp"
        port="514"
        ruleset="writeRemoteDataHosts")
</code>

Create a separate file per host
<code>
ruleset(name="writeRemoteData"
        queue.type="fixedArray"
        queue.size="250000"
        queue.dequeueBatchSize="4096"
        queue.workerThreads="4"
        queue.workerThreadMinimumMessages="60000"
       ) {
    action(type="omfile" file="/var/log/remote-logs/remote.log"
           ioBufferSize="64k" flushOnTXEnd="off"
           asyncWriting="on")
}

template(name="logPerHost" type="string" string="/var/log/remote-logs/%FROMHOST%.log")
ruleset(name="writeRemoteDataHosts"
        queue.type="fixedArray"
        queue.size="250000"
        queue.dequeueBatchSize="4096"
        queue.workerThreads="4"
        queue.workerThreadMinimumMessages="60000"
       ) {
    action(type="omfile" dynaFile="logPerHost"
           ioBufferSize="64k" flushOnTXEnd="off"
           asyncWriting="on")
}
</code>