No, it is not.

see http://splunk-base.splunk.com/answers/39231/filtering-with-a-uf-before-indexing for answers to your above question

So, Is it possible to do the filtering at client side ( in Universal forwarder ) ?

Just to be clear these modifications to props.conf and transforms.conf will go on the indexer, not the forwarder.

http://docs.splunk.com/Documentation/Splunk/5.0.2/Deploy/Routeandfilterdatad#Discard_specific_events...

I specified like this

[WinEventLog:Security]
disabled = 0
index = myIndex
All the security logs start moving to the specified index.

Now the problem is... I want to filter the security logs before pushing to the server. Like I want to push only the logs having SourceName=AD FS 2.0 Auditing

ADFS will write the logs into windows event log. I configured the unversal forwarder to collect log from the windows event log. For installation I used the windows msi setup.

It sounds like you were already configured the forwarder to push ADFS logs (which means you configured an inputs.conf file to monitor a directory). In that inputs.conf add index=myIndex and you should be good. there can be multiple inputs.conf files on a forwarder, so you could have configured it in a number of places.

which location ? which file, Is it inputs.conf ?

To specify the index you want an input to go to just add:

index=myIndex

to the monitor stanza in your inputs.conf (on the forwarder).

I don't believe Splunk for AD supports ADFS logs specifically.

Wev are looking for the ADFS monitoring. Splunk App for Active Directory supports ADFS ?

I want to move all logs to specific index ( say myIndex ) rather than going to main index

Do you want any more details ?

In splunk web we can add new application ( say myApp ) right. And I created new index as well ( called myIndex). And the in our application server I installed unversal forwarder and configured to push adfs logs. Logs are moving to main index.