Yes it's possible.
Take a look at this:
In principle you would need something like the following in your inputs.conf file:
[WinEventLog://Application]
disabled = 0
start_from = oldest
index = yourindexname
Then simply search from your GUI with:
The default sourcetype for Windows Application Logs is the one I specified above, but you can change this (not recommended as it'll have a major impact on parsing, etc).
I do not want all Application Eventlogs. I want only logs from a VIEW.
And no, I do not want to use blacklist/whitelist.
If your view has a unique path you can do it this way:
[WinEventLog://Path-To-Your-View]
disabled = 0
start_from = oldest
index = yourindexname
If that doesn't work for you, do you have any other way to uniquely identify those logs you are planning to collect? Is there a field that is unique for those events? If that's the case, blacklists and whitelists might be the only reasonable way even if you don't want to use them.
You do not have to use Splunk's built-in WinEventLog facility. You can use the native Windows facilities to write a subset of logs to a directory/file and then use normal Splunk directory/file monitoring to forward them in.
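
One way to do what the last answer describes, as an added example that is not part of the original thread: a PowerShell script that reuses the custom view's own XML query to append only the matching events to a file, which a normal monitor input then forwards. The three paths, the view file name and the sourcetype name are assumptions.

```powershell
# Added example. Assumed paths (not from the thread); adjust all three.
$ViewFile  = 'C:\ProgramData\Microsoft\Event Viewer\Views\View_0.xml'  # placeholder view file
$OutFile   = 'C:\SplunkExport\view_events.log'
$StateFile = 'C:\SplunkExport\view_events.state'
$fmt = '{0} LogName="{1}" EventCode={2} Level="{3}" Source="{4}" Message="{5}"'

# A saved custom view is XML that embeds a <QueryList>; Get-WinEvent -FilterXml
# accepts that structured query, so the view's own filter selects the events.
[xml]$view = Get-Content -LiteralPath $ViewFile -Raw
$queryList = $view.SelectSingleNode("//*[local-name()='QueryList']")
if (-not $queryList) { throw "No <QueryList> element found in $ViewFile" }

# Resume after the newest event written by the previous run.
$since = [datetime]::MinValue
if (Test-Path -LiteralPath $StateFile) {
    $stamp = (Get-Content -LiteralPath $StateFile -Raw).Trim()
    $since = [datetime]::Parse($stamp, $null, 'RoundtripKind')
}

# No match is a non-terminating error in Get-WinEvent, so it is silenced here.
# Events sharing the exact timestamp of the last exported one are skipped.
$events = @(Get-WinEvent -FilterXml ([xml]$queryList.OuterXml) -ErrorAction SilentlyContinue |
    Where-Object { $_.TimeCreated -gt $since } |
    Sort-Object TimeCreated)

if ($events.Count -gt 0) {
    # One key=value line per event; newlines and double quotes in the message are flattened.
    $lines = foreach ($e in $events) {
        $msg = ($e.Message -replace '\s+', ' ') -replace '"', "'"
        $fmt -f $e.TimeCreated.ToString('o'), $e.LogName, $e.Id, $e.LevelDisplayName, $e.ProviderName, $msg
    }
    Add-Content -LiteralPath $OutFile -Value $lines -Encoding UTF8
    $events[-1].TimeCreated.ToString('o') | Set-Content -LiteralPath $StateFile
}

# Matching inputs.conf stanza on the forwarder (sourcetype name is an assumption):
#   [monitor://C:\SplunkExport\view_events.log]
#   disabled = 0
#   index = yourindexname
#   sourcetype = winevent_view_export
```

Run it on a schedule, for example from Task Scheduler, under an account that can read the logs the view queries.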