rsyslog server saves logs from remote also in /var/syslog


Just before posting this question I changed:

/etc/rsyslog.d/mikrotik.conf

to:

/etc/rsyslog.d/10-mikrotik.conf

It did fix my problem then, but I only discovered it now.

Author: tubos

Updated on September 18, 2022

Comments

  • tubos
    tubos over 1 year

    I have set up my Ubuntu server as a syslog server to accept all the logs from my router and save them in a separate mikrotik.log file in the /var/log/ folder.

    Everything works, but I notice that all messages are also copied into the /var/syslog log files.

    Is there a way I can stop having these router messages in my /var/syslog log?

    Below are my config files for syslog:

    /etc/rsyslog.d/10-mikrotik.conf

    # Messages from the router go to their own file; "& stop" applies to the
    # preceding filter and discards matching messages from further processing.
    $template RouterLog, "/var/log/mikrotik.log"
    :fromhost-ip, isequal,    "192.168.2.1" -?RouterLog
    & stop
    

    /etc/rsyslog.d/50-default.conf

    #  Default rules for rsyslog.
    #
    # First some standard log files.  Log by facility.
    #
    auth,authpriv.*         /var/log/auth.log
    *.*;auth,authpriv.none      -/var/log/syslog
    #cron.*             /var/log/cron.log
    #daemon.*           -/var/log/daemon.log
    kern.*              -/var/log/kern.log
    #lpr.*              -/var/log/lpr.log
    mail.*              -/var/log/mail.log
    #user.*             -/var/log/user.log
    
    
    #
    # Logging for the mail system.  Split it up so that
    # it is easy to write scripts to parse these files.
    #
    #mail.info          -/var/log/mail.info
    #mail.warn          -/var/log/mail.warn
    mail.err            /var/log/mail.err
    
    
    #
    # Logging for INN news system.
    #
    news.crit           /var/log/news/news.crit
    news.err            /var/log/news/news.err
    news.notice         -/var/log/news/news.notice
    #
    # Emergencies are sent to everybody logged in.
    #
    *.emerg                                :omusrmsg:*
    
    
    #
    # I like to have messages displayed on the console, but only on a virtual
    # console I usually leave idle.
    #
    # NOTE: adjust the list below, or you'll go crazy if you have a reasonably
    #      busy site..
    #
    daemon.*;mail.*;\
        news.err;\
        *.=debug;*.=info;\
        *.=notice;*.=warn   |/dev/xconsole
    

    /etc/rsyslog.conf

    #  /etc/rsyslog.conf    Configuration file for rsyslog.
    #
    #                       For more information see
    #                       /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
    #
    #  Default logging rules can be found in /etc/rsyslog.d/50-default.conf
    
    #################
    #### MODULES ####
    #################
    
    $ModLoad imuxsock # provides support for local system logging
    $ModLoad imklog   # provides kernel logging support
    #$ModLoad immark  # provides --MARK-- message capability
    
    # provides UDP syslog reception
    $ModLoad imudp
    $UDPServerRun 514
    
    # provides TCP syslog reception
    #$ModLoad imtcp
    #$InputTCPServerRun 514
    
    # Enable non-kernel facility klog messages
    $KLogPermitNonKernelFacility on
    
    ###########################
    #### GLOBAL DIRECTIVES ####
    ###########################
    
    #
    # Use traditional timestamp format.
    # To enable high precision timestamps, comment out the following line.
    #
    $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
    
    # Filter duplicated messages
    $RepeatedMsgReduction on
    
    #
    # Set the default permissions for all log files.
    #
    $FileOwner syslog
    $FileGroup adm
    $FileCreateMode 0640
    $DirCreateMode 0755
    $Umask 0022
    $PrivDropToUser syslog
    $PrivDropToGroup syslog
    
    #
    # Where to place spool and state files
    #
    $WorkDirectory /var/spool/rsyslog
    
    #
    # Include all config files in /etc/rsyslog.d/
    #
    $IncludeConfig /etc/rsyslog.d/*.conf
    
  • tubos
    tubos almost 8 years
    As I understand it, & ~ is deprecated and & stop should be used from v7 and up, so your suggestion does not help.
  • Rahul Shaw
    Rahul Shaw about 7 years
    The config which was creating the problem in this case was /etc/rsyslog.d/50-default.conf on my Ubuntu 14.04 with rsyslog 7.4.4. This file contains a line to forward logs to /var/log/syslog. Adding a 10- in front of the mikrotik.conf in your case solved the problem because now it is opened before 50-default.conf, and because you have added a line & stop in your 10-mikrotik.conf, it drops all the logs matching the defined criteria from further processing.
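To make the ordering effect described in the thread concrete, the following is an added example (not code from the thread or from rsyslog) that simulates how rsyslog walks the files matched by $IncludeConfig /etc/rsyslog.d/*.conf in lexical order and evaluates the two rule forms used on this page: a property filter (:fromhost-ip, isequal, ...) followed by & stop, and a classic facility.priority selector such as *.*;auth,authpriv.none. The rule sets, the router message and the local kernel message are constructed for the example; templates, pipes and :omusrmsg: are deliberately not modelled, and the lexical include order is the assumption the whole example rests on.

```python
"""Simulate rsyslog's processing of /etc/rsyslog.d/*.conf (added example).

Only two rule forms are modelled: ("prop", property, value, target) for a
":property, isequal, value" filter, ("sel", selector, target) for a classic
facility.priority selector, and ("stop",) for "& stop", which applies to the
filter immediately before it.  Everything else in a real config is ignored.
"""

# Constructed stand-ins for the two config files discussed in the thread.
MIKROTIK_RULES = [
    ("prop", "fromhost-ip", "192.168.2.1", "/var/log/mikrotik.log"),
    ("stop",),  # & stop: discard the message once the router filter matched
]
DEFAULT_RULES = [
    ("sel", "*.*;auth,authpriv.none", "/var/log/syslog"),
    ("sel", "kern.*", "/var/log/kern.log"),
]

# Syslog severities, most severe first; "facility.err" means err or worse.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
ALIASES = {"warn": "warning", "error": "err", "panic": "emerg"}


def _level(name):
    return PRIORITIES.index(ALIASES.get(name, name))


def selector_matches(selector, facility, priority):
    """Evaluate a classic selector such as '*.*;auth,authpriv.none'.

    Each ';'-separated part that names the message's facility overrides the
    parts before it, which is how 'auth,authpriv.none' excludes those
    facilities from the '*.*' catch-all.
    """
    matched = False
    for part in selector.split(";"):
        facs, _, prio = part.partition(".")
        if facs != "*" and facility not in facs.split(","):
            continue
        if prio == "none":
            matched = False
        elif prio == "*":
            matched = True
        elif prio.startswith("="):          # exactly this priority
            matched = _level(priority) == _level(prio[1:])
        else:                               # this priority or more severe
            matched = _level(priority) <= _level(prio)
    return matched


def route(conf_files, message):
    """Return the targets a message is written to, walking files in order."""
    outputs = []
    for _name, rules in conf_files:
        last_matched = False
        for rule in rules:
            kind = rule[0]
            if kind == "prop":
                _, prop, value, target = rule
                last_matched = message.get(prop) == value
            elif kind == "sel":
                _, selector, target = rule
                last_matched = selector_matches(
                    selector, message["facility"], message["priority"])
            elif kind == "stop":
                if last_matched:   # "&" binds stop to the previous filter
                    return outputs
                continue
            if last_matched:
                outputs.append(target)
    return outputs


def simulate(files, message):
    """files: {filename: rules}; included in lexical order like the *.conf glob."""
    return route(sorted(files.items()), message)


# Constructed router message as imudp would see it from 192.168.2.1.
ROUTER_MSG = {"fromhost-ip": "192.168.2.1", "facility": "daemon", "priority": "info"}


def before_fix():
    """mikrotik.conf sorts after 50-default.conf, so syslog gets a copy first."""
    return simulate({"50-default.conf": DEFAULT_RULES,
                     "mikrotik.conf": MIKROTIK_RULES}, ROUTER_MSG)


def after_fix():
    """10-mikrotik.conf sorts first; its '& stop' prevents the syslog copy."""
    return simulate({"50-default.conf": DEFAULT_RULES,
                     "10-mikrotik.conf": MIKROTIK_RULES}, ROUTER_MSG)


if __name__ == "__main__":
    print("before:", before_fix())
    print("after: ", after_fix())
```

The renamed file changes nothing about the rules themselves; it only moves the router filter ahead of the catch-all in 50-default.conf, which is why the stop now takes effect. Local messages from other hosts never match the fromhost-ip filter and are still routed by 50-default.conf exactly as before.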