There are things to do on both server and hosts.

Append the following line to the /etc/rsyslog.conf file and restart the rsyslog service.

*.* @IP_ADDRESS_OF_THE_LOG_SERVER

Uncomment those lines in /etc/rsyslog.conf file.

# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

# provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514

Add a file in the /etc/rsyslog.d directory for each remote logging host in with the following content:

$template myhostname, "/var/log/%HOSTNAME%/%PROGRAMNAME%.log"
if $fromhost-ip == 'HOST_IP_ADDRESS' then ?myhostname

This will store log files of remote hosts in different folders following the hostname, with filenames corresponding to the name of the program that emitted logs.