A simple method -- though not nearly as powerful or flexible as using a Lightweight Forwarder -- is to send your logs via Syslog. You can configure Splunk to listen on a network port, likely UDP:514 for Syslog (default).

*NIX hosts can be configured to send logs to remote systems (using Syslog) in much the same way you configure them to log locally. This is typically done in syslog.conf or rsyslog.conf.

Here's a reference to some examples of rsyslog.conf: http://www.rsyslog.com/doc/rsyslog_conf_examples.html

Here's a reference to some examples of syslog.conf: http://linux.about.com/od/commands/l/blcmdl5_syslogc.htm

Check your /etc folder and see which one controls your system's logging. It should have examples inside the conf file.

Cheers,
Ron

There are many ways to accomplish this, but the "best" (from the standpoint of maximal features and minimal oddities) is to use Splunk Light Forwarders on the "other" boxes. A Light Forwarder is a Splunk installation that has the SplunkLightForwarder App enabled. (What I mean by this is there isn't a separate install [as of Splunk 4.1 anyway] for "just" the Forwarder. You install the same RPM/DEB on every machine, and what it does is based on how you configure it.)

You will configure your indexer to listen on a "splunktcp" input, and configure your forwarder apps on your other machines to forward data to it.

Documentation wise, you'll want to start at http://www.splunk.com/base/Documentation/latest/Admin/Aboutforwardingandreceiving. That (and subsequent pages in the same section) covers pretty well how you go about configuring forwarding.