How can i read logs from specific directories from one of the AWS windows instance(let's call is Instance1) to other AWS windows instance(Instance2) on which my splunk enterprise is installed? Do i need to do some changes in my inputs.conf? If yes what all stuffs i need to add in it ? Can you please explain with an example ?
Have a look here: https://docs.splunk.com/Documentation/Splunk/7.2.4/Data/Getstartedwithgettingdatain
At a high level:
1.) Install Splunk Universal Forwarder on instance1
2.) Configure inputs.conf on instance1
3.) Configure outputs.conf on instance1
4.) Configure inputs.conf on instance2
Have a look here: https://docs.splunk.com/Documentation/Splunk/7.2.4/Data/Getstartedwithgettingdatain
At a high level:
1.) Install Splunk Universal Forwarder on instance1
2.) Configure inputs.conf on instance1
3.) Configure outputs.conf on instance1
4.) Configure inputs.conf on instance2