i'm trying to assign new index and sourcetype to my data .. i did modify inputs.conf but it didn't work i thought may be it's not the only thing that i must do

What part of it did not work? You can't see data in your new index with your new sourcetype? Or the data isn't assigned to right index and sourcetype even after correctly defining your inputs.conf? Can you share your inputs.conf (mask unwanted information). Thanks.

this is my inputs.conf in splunkuniversalforwarder\etc\system\local
[monitor:/C:\var\log*.log]
disabled=0
sourcetype= log
index =me
i also create a new sourcetype and index with the same names in splunk because they weren't created automaticlly and there is no events in my indexer
thanks.

I am assuming your monitor stanza is [monitor://C:\var\log*.log].
Can you see your input when you run this command splunk list inputstatus?
Try expanding your time range. Search for "All-Time" to see if any data shows up?

Please see that you've checked all the aspects listed here in documentation.

when i do splunk list inputstatus i find c:\var\log*.log type = missing

This can mean, splunk is trying to monitor your file but the file is missing. Can you navigate to C:\var\ folder and check if there are log files starting with log (because, according to your monitor stanza, splunk will ONLY read files starting with log and ending in .log extension. Also, please check if these log files have any data.

there are logs files in var\log\splunk (files like splunkd.log , health.log) so i changer the monitor to var\log\splunk\*.log but the type is also missing