Hi,
I currently have an OSSEC server running on my Linux server with the Splunk Forwarder installed on it as well. I have also downloaded the add-on and app for OSSEC in my Splunk indexer.
**I have configured the ossec.conf file in my ossec server to:**

```xml
<syslog_output>
  <server>$ipaddress</server>
  <port>9521</port>
  <format>default</format>
</syslog_output>
```
**And the Forwarder inputs.conf file:**

```ini
[default]
host = $hostname

[monitor:///var/ossec/logs/alerts/alerts*]
disabled = 0
index = myindex
sourcetype = ossec_alerts

[monitor:///var/ossec/logs/ossec.log]
disabled = 0
index = myindex
sourcetype = ossec_log

[monitor:///var/ossec/logs/active-responses.log]
disabled = 0
index = myindex
sourcetype = ossec_ar
```
Is there anything wrong with my configurations? I listed the syslog output IP address as my current Linux server and I might be wrong. Also, what should I be listing for my inputs.conf **index =**?
Currently, I am able to index the Linux server log data, but not the OSSEC server log data. How should I proceed with the next step to get the data to my Splunk?
Sorry, I am new to Splunk and these configurations. I would greatly appreciate any guidance or help, thank you!
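Added example (not from the question or from Splunk/OSSEC): a small Python check that parses the `monitor://` stanzas from an inputs.conf like the one above and reports, for each path, whether the process running it can actually read the matching files. Run it as the user the forwarder runs as, since a monitor stanza that points at a file that user cannot read yields no events and no obvious error; the conf text below is a constructed copy of the one in the question, and `/dev/null` is used only as a readable stand-in for a test.

```python
import configparser
import glob
import os

# Constructed copy of the inputs.conf from the question (sample input, embedded inline).
INPUTS_CONF = """
[default]
host = $hostname

[monitor:///var/ossec/logs/alerts/alerts*]
disabled = 0
index = myindex
sourcetype = ossec_alerts

[monitor:///var/ossec/logs/ossec.log]
disabled = 0
index = myindex
sourcetype = ossec_log

[monitor:///var/ossec/logs/active-responses.log]
disabled = 0
index = myindex
sourcetype = ossec_ar
"""


def monitor_stanzas(conf_text):
    """Return the monitor:// stanzas as dicts with path, index, sourcetype, disabled."""
    cp = configparser.ConfigParser(interpolation=None)  # keep "$hostname" literal
    cp.read_string(conf_text)
    stanzas = []
    for section in cp.sections():
        if not section.startswith("monitor://"):
            continue
        stanzas.append({
            "path": section[len("monitor://"):],
            "index": cp.get(section, "index", fallback=None),
            "sourcetype": cp.get(section, "sourcetype", fallback=None),
            "disabled": cp.get(section, "disabled", fallback="0"),
        })
    return stanzas


def check_readable(path_pattern):
    """Expand the monitor path (it may be a glob) and test read access as the current user."""
    return {p: os.access(p, os.R_OK) for p in sorted(glob.glob(path_pattern))}


if __name__ == "__main__":
    for st in monitor_stanzas(INPUTS_CONF):
        found = check_readable(st["path"])
        status = "NO MATCHING FILES" if not found else ", ".join(
            f"{p}: {'readable' if ok else 'NOT readable'}" for p, ok in found.items())
        print(f"{st['path']} -> index={st['index']} sourcetype={st['sourcetype']}: {status}")
```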