will it also move raw data ?

No - It will copy the data from your source index to the new one specified by the collect command.
It will not remove data from the original index.
You can use (with great care) the |delete command to remove the items from the source DB, but you should be aware that this only prevents the results being returned in search - the events themselves will remain on disk. In many cases this is acceptable, but if your dealing with some sensitive data types, the only way to remove events once indexed is to expire/freeze your index and let Splunk delete the buckets

Will this move the Raw data from one index to another or just the indexed data?

seems that the reporting server changes to the Splunk server instead of the server that generated the event...

I have run this collect command, and then searched in the index I collected the logs to.... but I do not find the results. Is this still working in 5.0.2?

Happy to help. I should also add, you can do this as well...

|collect index=foo sourcetype=foo

...and that will force your sourcetype too.

Note that changing the sourcetype will (as of 6.x, at least) incur additional licensing impact.

Thanks buddy...that little pointer helped me with another issue I was facing. Note that src="ipaddr" OR etc can be used as well if your culprit was a syslog with multiples in it....no doubt the manual would have told me that however long I spend in them! 😉