Splunk metadata information
We recently purchased Splunk and hired a contractor to implement it for us. We want to capture information from the log files and display it in a very simple manner via Splunk. We are facing issues with collecting some metadata type information. I will try to explain it via an example:
Server is set up with two Apache instances. The first instance hosts application1. The second instance hosts application2, 3, 4.
Log file examples
/opt/logs/apache/inst1/file.log
/opt/logs/apache/inst2/file.log
/opt/logs/apache/application1/log4j.log
/opt/logs/apache/application2/log4j.log
/opt/logs/apache/application3/log4j.log
I want Splunk to display information by application id. That is, when I select application1, Splunk should display the servers that application1 is hosted on. After this I can select the Apache instance that hosts it. This allows me to drill down to the actual instance without having to generate complex Splunk expressions. To achieve this, the Splunk contractor wants us to modify the entire log file location:
Log file examples
/opt/logs/apache/add_server_name_here/add_application1_here/inst1/file.log
/opt/logs/apache/add_server_name_here/add_application2_here/inst2/file.log
/opt/logs/apache/add_server_name_here/add_inst1_here/application1/log4j.log
/opt/logs/apache/add_server_name_here/add_inst2_here/application2/log4j.log
/opt/logs/apache/add_server_name_here/add_inst2_here/application3/log4j.log
/opt/logs/apache/add_server_name_here/add_inst2_here/application4/log4j.log
This requires a massive change on all of our servers. Is this really necessary, or is there a simple way for us to provide this metadata information to Splunk?