1. The standard syslog service can parse logs by facility, so you can set up logging of different components to different files at the syslog level, and manage their rotation.
Also, syslog can work with other syslogs, so you can aggregate logs from different machines and manage them centrally.
2. logs sent to stdout are usually redirected somewhere, to the same file, or immediately robbed into some kind of aggregator.
In modern times, stdout is most often talked about when you run something in a container, and the container is spinning in an orchestrator like kubernetes / openshift.
In this case, an external collector is configured - the same filebeat, fluentd, logstash or syslog, which collects logs from the entire kubernetes / openshift cluster, parses them and throws them into the aggregator.
We just deployed a new component and by its name you can filter the logs in the same Kibana, while you don’t need to configure something for the new component anywhere in the logging system, everything is tagged automatically.

stdout is standard output, usually the console. So you launched the application in the console - and saw what it wrote to you, because it outputs messages to stdout. And it's not for nothing that std in the name is "standard". He can work with a lot of things. Let's take systemd for example: it starts the service, its stdout is caught and gets into journald. You can wrap it up somewhere else. Container management systems do this too.
How to collect? Well, you know how to do everything, you are talking about queues, write logstash - here, this is it. You take filebeat, well, or whatever other *beats it has, catch the output of your applications with them and shove it into the elastic. Well, or let's say you take fluentbit and send them logs to some thread in the queue, and from there to the storage.

1. In what cases are logs usually written to syslog?