How are AWS logs get ingested into Splunk Enterprise or ES? Please advise the steps.
I'm guessing you are'nt getting responses here because this isn't like a simple 3-step process. And if somebody did try to answer, this thread would likely become more like a Professional Services (PS) engagement than a forum answer.
I won't be able to help other than pointing you to the document below. If it seems overwhelming, it may be worth engaging PS (if that's an options for you)
Splunk Add-on for AWS