Need assistance changing rsyslog format

I set up a central RHEL syslog server; it is running RHEL 8.4. I have a client that is running RHEL 7.9. On the server I set it up like this:

# One log file per originating program, under a fixed directory
template(name="TmplHosts" type="list") {
    constant(value="/var/company/rsyslog_monitoring/")
    # securepath="replace" rewrites "/" and ".." in the program name so a
    # crafted tag cannot escape the directory above
    property(name="programname" securepath="replace")
    constant(value=".log")
}

# Provides TCP syslog reception

module(load="imtcp")

# Adding this ruleset to process remote messages

ruleset(name="rsyslog_incoming") {
    # all authpriv messages, plus anything at severity err or worse
    authpriv.*;*.err action(type="omfile" DynaFile="TmplHosts")
}
# (the input(type="imtcp" ...) statement that binds the listener to this ruleset is not shown in the post)

On my client, I just put this:
authpriv.*;*.err action(type="omfwd" target="logginserver.company.com" port="514" protocol="tcp")

This solution is working, I have log files auto-generated. However, I can not see the severity in these syslog entries. I read through the documentation and tried this template on the client:

template(name="forwardFormat" type="string"
string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogtag:1:32%%msg:::sp-if-no-1st-sp%%msg%"
)

Then added:
authpriv.*;*.err action(type="omfwd" template="forwardFormat" target="logginserver.company.com" port="514" protocol="tcp")

However, that didn't work. The syslogs are still sent to the central logging server in their default format. It works, but it would be nice to be able to set up some log parsing based on severity level. Any input would be appreciated.
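The forward format in the post already carries the severity: it is packed into the leading `<PRI>` field as facility * 8 + severity (RFC 3164 section 4.1.1, RFC 5424 section 6.2.1), so it can be recovered on the server even when no severity text is printed. The decoder below is an added example, not code from the post or from rsyslog; the hostnames, PIDs and addresses in its sample lines are constructed, and the facility names follow the order rsyslog uses for its facility-text property.

```python
"""Decode the syslog PRI field into facility and severity.

Added example, not code from the forum post or from rsyslog itself. The log
lines below are constructed for illustration.
"""
import re
from dataclasses import dataclass

# Facility and severity names in the order rsyslog uses for
# %syslogfacility-text% and %syslogseverity-text%.
FACILITIES = [
    "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
    "uucp", "cron", "authpriv", "ftp", "ntp", "security", "console",
    "solaris-cron", "local0", "local1", "local2", "local3", "local4",
    "local5", "local6", "local7",
]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# "<PRI>" followed by the rest of the header and message.
PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.DOTALL)

# Constructed sample lines in the post's forwardFormat layout
# (<PRI>TIMESTAMP HOSTNAME TAG MSG). Host, PIDs and addresses are made up.
SAMPLE_LINES = [
    "<83>2024-01-01T12:00:00+00:00 client1 sshd[1234]: error: PAM: Authentication failure for root from 203.0.113.5",
    "<86>2024-01-01T12:00:05+00:00 client1 sshd[1240]: Accepted publickey for deploy from 198.51.100.7 port 51234 ssh2",
    "<4>2024-01-01T12:00:09+00:00 client1 kernel: nf_conntrack: table full, dropping packet",
]


@dataclass
class SyslogEntry:
    facility: str
    severity: str
    severity_num: int   # 0 = emerg ... 7 = debug
    body: str           # everything after <PRI>


def decode_pri(pri: int) -> tuple[str, str, int]:
    """Split a PRI value into (facility name, severity name, severity number)."""
    if not 0 <= pri <= 191:            # 24 facilities * 8 severities - 1
        raise ValueError(f"PRI out of range: {pri}")
    facility, severity = divmod(pri, 8)
    return FACILITIES[facility], SEVERITIES[severity], severity


def parse_line(line: str) -> SyslogEntry:
    """Parse one forwarded line; raises ValueError if the <PRI> header is missing."""
    m = PRI_RE.match(line)
    if not m:
        raise ValueError(f"no <PRI> header in {line!r}")
    fac, sev, sev_num = decode_pri(int(m.group(1)))
    return SyslogEntry(fac, sev, sev_num, m.group(2))


def at_least(entry: SyslogEntry, threshold: str = "err") -> bool:
    """True when the entry is as severe as `threshold` or worse (lower number = more severe)."""
    return entry.severity_num <= SEVERITIES.index(threshold)


def severe_entries(lines, threshold: str = "err") -> list[SyslogEntry]:
    """Filter a batch of lines down to those at `threshold` severity or worse."""
    return [e for e in map(parse_line, lines) if at_least(e, threshold)]


if __name__ == "__main__":
    for entry in map(parse_line, SAMPLE_LINES):
        print(f"{entry.facility}.{entry.severity:<7} {entry.body}")
```

If the goal is simply to see the severity as text in the files on the server, the same information can be rendered by rsyslog itself: the server-side omfile template can include the `%syslogseverity-text%` and `%syslogfacility-text%` properties (or `%pri-text%`, which prints the pair as `authpriv.err`), which removes the need to post-process the `<PRI>` field at all.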

Responses