In our Splunk environment, we have one master node (Master1), two search heads (search head 2 & search head 3) and five indexers
(indexer 1, indexer 2, indexer 3, indexer 4 & indexer 5). All the Splunk indexer logs replicate to HMTWSPL05.
I have a Splunk license with a daily volume of 500 GB.
We are using Splunk for alerting purposes and save 5 days of logs.
I have three DR servers:
DR Search head >>>> Search head
DR Master node server >>>> master node
DR Indexer >>>> indexer
How can I enable a DR setup for this environment? We also need live logs forwarded to the DR indexer and 5 days of forwarder logs saved.
Please give me a clear picture.
Suppose that I forward logs to the DR indexer server; does that mean it will also accumulate Splunk?