The scenario is that there are 100 endpoints sending logs to their internal, in-house syslog server. We need to deploy Splunk here so that the admin will be able to monitor the logs in Splunk Enterprise. Make sure both the Universal Forwarder and Splunk Enterprise are present on the same syslog server.
I am here for the steps I need to follow for this deployment.
I am listing below the steps I am thinking of taking.
1.) First, I am thinking of installing Splunk Enterprise on the server and then installing the Universal Forwarder.
2.) During the installation of the Universal Forwarder I choose local system rather than domain deployment; then I have to leave the deployment server blank and, for the receiving server, put the syslog server's IP address and port number, which I can get by running the command ipconfig in cmd.
3.) I need to download the Microsoft add-on from Splunkbase on the same server.
4.) Extract the Splunkbase file, create a local folder under SplunkForwarder > etc, paste the inputs.conf file there and make the required changes.
5.) Then I will be able to get all of the syslog server's logs in Splunk Enterprise.
Please correct me, or add any other steps I need to follow.
There is no need to install Splunk Enterprise and the Universal Forwarder on the same server. It can be done, but it requires special effort for little gain. Splunk Enterprise is capable of everything the UF does.
1) Put the UF on the syslog server and SE on a separate server.
2) The receiver address is that of Splunk. It's the server that will receive data from the UF.
3) Which Microsoft add-on? There are several and most are not needed.
4) Configure syslog to save events to disk files. Configure the UF (in inputs.conf) to monitor those disk files.
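The two forwarder configuration files that steps 2 and 4 of the answer refer to, written out as an added example (this is not part of the original answer, and not Splunk's own sample config). It assumes the syslog daemon on the syslog server (rsyslog, syslog-ng or similar) has already been configured to write one file per sending endpoint under /var/log/remote/<hostname>/messages.log, that the Splunk Enterprise receiver listens on 10.0.0.5:9997, and that an index named syslog has been created on Splunk Enterprise. The path, address, index name and certificate paths are all placeholders; the app directory name syslog_inputs is likewise assumed. Both files go under $SPLUNK_HOME/etc/apps/syslog_inputs/local/ on the Universal Forwarder, never in etc/system/default.

```ini
# --- $SPLUNK_HOME/etc/apps/syslog_inputs/local/inputs.conf (on the UF) ---
# Monitor the per-host files the syslog daemon writes (assumed layout:
# /var/log/remote/<hostname>/messages.log). Splunk conf files do not
# allow trailing comments after a value, so every comment is on its own line.
[monitor:///var/log/remote/*/messages.log]
# Index must already exist on Splunk Enterprise (assumed name).
index = syslog
sourcetype = syslog
# Take the host field from the 4th path segment (/var/log/remote/<hostname>/...),
# otherwise every event would be attributed to the syslog server itself.
host_segment = 4
disabled = false

# --- $SPLUNK_HOME/etc/apps/syslog_inputs/local/outputs.conf (on the UF) ---
# The receiver is Splunk Enterprise, not the syslog server's own address.
[tcpout]
defaultGroup = primary_indexers

[tcpout:primary_indexers]
# Assumed address and port of the Splunk Enterprise receiving input.
server = 10.0.0.5:9997
# Encrypt and authenticate forwarder-to-indexer traffic; certificate
# paths are placeholders for certs issued by your own CA.
sslRootCAPath = $SPLUNK_HOME/etc/auth/mycerts/cacert.pem
clientCert = $SPLUNK_HOME/etc/auth/mycerts/forwarder.pem
sslVerifyServerCert = true
```

On the Splunk Enterprise side the matching receiving port has to be opened first (Settings > Forwarding and receiving > Configure receiving, or `splunk enable listen 9997` from $SPLUNK_HOME/bin) and the syslog index created before the forwarder is restarted. After restarting the UF, `splunk btool inputs list --debug` and `splunk btool outputs list --debug` show which file each effective setting came from, which is the quickest way to catch a stanza that landed in the wrong directory or was overridden. Searching `index=syslog | stats count by host` on Splunk Enterprise should then show one row per endpoint rather than a single row for the syslog server.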