I want to fetch DNS and DHCP logs from my server directly to my local system, where I have my Splunk enterprise, without implementing HF and others.
Is it possible to do so? If yes then how? Kindly help!
Why? What would the Search Head do with them (it is not an Indexer)?
Take a step back. What is the problem that you think this will solve?
It could be possible.
You don't provide any details on where the logs are, how they are stored/recorded or anything like that, so I'll have to give a generic answer.
First, keep handy the Splunk Getting Data In manual, it's really very useful.
If the server storing the logs is windows and the logs are stored on disk, you could map a drive from your system to the logs folder then just read them off that mapped drive. This is probably not ideal, but should work fine for reasonably light log files (e.g. you aren't ingesting 200GB/day over this I hope).
For testing you could just manually copy a pile of the log files to your system into a local folder that you've told Splunk to monitor - repeat as required. This is a pain in the rear unless you really just need to do a little testing, but if that's all you need is some data to play with and you don't mind copying more data every now and then, it can be just fine.
If on the other hand it's in the windows event logs, I'd really suggest the universal forwarder - the install is quick and painless, the configuration to read the event logs is easy and it'll work much better than any other method.
If it's a *nix box of some sort, well, both "file" ways still hold true. Mapping a drive could be done with SMB or NFS, copying can be done via whatever method you'd like to use. The sky's the limit.
If you really wanted, you could probably write a script that sends it in via HEC (documented in Splunk docs) or some other method, but I'd stick with the simple, easy ones. Trying to go any farther means, IMO, that you should just install the UF. It's really not a big deal. 🙂