diff --git a/defaults/main.yml b/defaults/main.yml
index 581f8f7..28b4c64 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -21,6 +21,7 @@ rsyslog_server_package_state: "latest"
 
 rsyslog_server_spool_directory: /var/spool/rsyslog
 rsyslog_server_storage_directory: /var/log/rsyslog
+rsyslog_server_logrotation_window: 14 #Number of days to keep logfiles
 
 # provides UDP syslog reception
 rsyslog_server_udp_reception: true
@@ -29,3 +30,9 @@ rsyslog_server_udp_port: 514
 # provides TCP syslog reception
 rsyslog_server_tcp_reception: true
 rsyslog_server_tcp_port: 514
+
+# Rate limits
+rsyslog_server_ratelimit_interval: 0 # Disabled by default
+
+# To use this setting, you have to configure a interval >0 seconds for rsyslog_server_ratelimit_interval
+rsyslog_server_ratelimit_burst: 10000
diff --git a/releasenotes/notes/rsyslog-remote-log-separation-76de4b64f0c18edb.yaml b/releasenotes/notes/rsyslog-remote-log-separation-76de4b64f0c18edb.yaml
new file mode 100644
index 0000000..5a29e08
--- /dev/null
+++ b/releasenotes/notes/rsyslog-remote-log-separation-76de4b64f0c18edb.yaml
@@ -0,0 +1,8 @@
+---
+upgrade:
+  - New overrides are provided to allow for better customization
+    around logfile retention and rate limiting for UDP/TCP sockets.
+    ``rsyslog_server_logrotation_window`` defaults to 14 days
+    ``rsyslog_server_ratelimit_interval`` defaults to 0 seconds
+    ``rsyslog_server_ratelimit_burst`` defaults to 10000
+  - The rsyslog.conf is now using v7+ style configuration settings
diff --git a/templates/os_aggregate_storage.j2 b/templates/os_aggregate_storage.j2
index 1da60c7..e0144b7 100644
--- a/templates/os_aggregate_storage.j2
+++ b/templates/os_aggregate_storage.j2
@@ -3,7 +3,7 @@
         copytruncate
         weekly
         missingok
-        rotate 14
+        rotate {{ rsyslog_server_logrotation_window }}
         compress
         dateext
         maxage 60
diff --git a/templates/rsyslog.conf.j2 b/templates/rsyslog.conf.j2
index 5f2e35b..84c66cb 100644
--- a/templates/rsyslog.conf.j2
+++ b/templates/rsyslog.conf.j2
@@ -3,40 +3,21 @@
 #################
 #### MODULES ####
 #################
-$ModLoad imuxsock # provides support for local system logging
-$ModLoad imklog   # provides kernel logging support
-
-{% if rsyslog_server_udp_reception == true %}
-# provides UDP syslog reception
-$ModLoad imudp
-$UDPServerRun {{ rsyslog_server_udp_port }}
-{% endif %}
-
-{% if rsyslog_server_tcp_reception == true %}
-# provides TCP syslog reception
-$ModLoad imtcp
-$InputTCPServerRun {{ rsyslog_server_tcp_port }}
-{% endif %}
-
-# Enable non-kernel facility klog messages
-$KLogPermitNonKernelFacility on
-
+module(load="imuxsock") # provides support for local system logging
+module(load="imklog") # provides kernel logging support
 
 ###########################
 #### GLOBAL DIRECTIVES ####
 ###########################
-#
+
 # Use traditional timestamp format.
 # To enable high precision timestamps, comment out the following line.
-#
 $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
 
 # Filter duplicated messages
 $RepeatedMsgReduction on
 
-#
 # Set the default permissions for all log files.
-#
 $FileOwner syslog
 $FileGroup adm
 $FileCreateMode 0640
@@ -45,17 +26,33 @@ $Umask 0022
 $PrivDropToUser syslog
 $PrivDropToGroup syslog
 
-#
 # Where to place spool and state files
-#
 $WorkDirectory {{ rsyslog_server_spool_directory }}
 
-#
-# Include all config files in /etc/rsyslog.d/
-#
-$IncludeConfig /etc/rsyslog.d/*.conf
 
-$template DDF, "{{ rsyslog_server_storage_directory }}/%hostname%/%programname%.log"
-if \
-$source != 'logsrv' \
-then -?DDF
+# Log all remote messages into a sub directory
+template(name="DDF" type="string" string="{{ rsyslog_server_storage_directory }}/%hostname%/%programname%.log")
+ruleset(name="remote"){
+  *.* -?DDF
+}
+
+# Switch back to default ruleset
+$Ruleset RSYSLOG_DefaultRuleset
+
+# Enable non-kernel facility klog messages
+$KLogPermitNonKernelFacility on
+
+{% if rsyslog_server_udp_reception == true %}
+# Provides UDP syslog reception
+module(load="imudp")
+input(type="imudp" port="{{ rsyslog_server_udp_port }}" ruleset="remote" RateLimit.Interval="{{ rsyslog_server_ratelimit_interval }}" RateLimit.Burst="{{ rsyslog_server_ratelimit_burst }}")
+{% endif %}
+
+{% if rsyslog_server_tcp_reception == true %}
+# Provides TCP syslog reception
+module(load="imtcp")
+input(type="imtcp" port="514" ruleset="remote" RateLimit.Interval="{{ rsyslog_server_ratelimit_interval }}" RateLimit.Burst="{{ rsyslog_server_ratelimit_burst }}")
+{% endif %}
+
+# Include all config files in /etc/rsyslog.d/
+$IncludeConfig /etc/rsyslog.d/*.conf
diff --git a/tests/test.yml b/tests/test.yml
index d198d57..24bd624 100644
--- a/tests/test.yml
+++ b/tests/test.yml
@@ -33,5 +33,5 @@
     - name: Check role functions
       assert:
         that:
-          - "'$template DDF' in (rsyslog_conf.content | b64decode)"
+          - "'template(name=\"DDF' in (rsyslog_conf.content | b64decode)"
           - "os_aggregate_storage.stat.exists"