Getting Data In

Data is currently indexed with past and future dates. How to configure Splunk to only index data using the System Date/Time?

ezajac
Path Finder

What is needed to change Splunk to only index using the System Date/Time? I have data indexed today with a date of 2030 and 2001.

0 Karma

somesoni2
Revered Legend

Look at the attributes MAX_DAYS_AGO and MAX_DAYS_HENCE in props.conf (where you define your sourcetype).
http://docs.splunk.com/Documentation/Splunk/6.4.0/Admin/Propsconf

MAX_DAYS_AGO = <integer>
* Specifies the maximum number of days past, from the current date, that an
  extracted date can be valid. Splunk still indexes events with dates older
  than MAX_DAYS_AGO with the timestamp of the last acceptable event. If no 
  such acceptable event exists, new events with timestamps older than MAX_DAYS_AGO 
  will use the current timestamp.
* For example, if MAX_DAYS_AGO = 10, Splunk applies the timestamp of the last 
  acceptable event to events with extracted timestamps older than 10 days in 
  the past. If no acceptable event exists, Splunk applies the current timestamp.
* Defaults to 2000 (days), maximum 10951.
* IMPORTANT: If your data is older than 2000 days, increase this setting.

MAX_DAYS_HENCE = <integer>
* Specifies the maximum number of days in the future from the current date
  that an extracted date can be valid. Splunk still indexes events with dates 
  more than MAX_DAYS_HENCE in the future with the timestamp of the last acceptable 
  event. If no such acceptable event exists, new events with timestamps after 
  MAX_DAYS_HENCE will use the current timestamp.
* For example, if MAX_DAYS_HENCE = 3, Splunk applies the timestamp of the last 
  acceptable event to events with extracted timestamps more than 3 days in the 
  future. If no acceptable event exists, Splunk applies the current timestamp.
* The default value includes dates from one day in the future.
* If your servers have the wrong date set or are in a timezone that is one
  day ahead, increase this value to at least 3.
* Defaults to 2 (days), maximum 10950.
* IMPORTANT: False positives are less likely with a tighter window, change
             with caution.
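To see how those two settings act on data like the 2030 and 2001 events from the question, here is an added simulation of the clamping rule exactly as the spec text above describes it. It is not Splunk's code and was not posted in the thread: the `[my_app_log]` stanza, the sample log lines and the fixed "current time" of 2016-05-10 12:00:00 are constructed for the example, and treating the window boundary as inclusive is an assumption the spec does not state.

```python
"""Simulate Splunk's MAX_DAYS_AGO / MAX_DAYS_HENCE timestamp clamping.

Added illustration, not Splunk's own code.  The stanza, log lines and
clock value below are constructed; the sourcetype name is hypothetical.
"""
import configparser
import datetime as dt
import re

# Constructed props.conf stanza with a deliberately tight window:
# one day into the past, one day into the future.
PROPS_CONF = """
[my_app_log]
TIME_PREFIX = ^
TIME_FORMAT = %Y-%m-%d %H:%M:%S
MAX_TIMESTAMP_LOOKAHEAD = 19
MAX_DAYS_AGO = 1
MAX_DAYS_HENCE = 1
"""

TS_FMT = "%Y-%m-%d %H:%M:%S"
TS_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})")

# Constructed "system time" at which the events are being indexed.
NOW = dt.datetime(2016, 5, 10, 12, 0, 0)

# Constructed events: two good ones and two with bogus years, as in the question.
SAMPLE_LINES = [
    "2016-05-10 09:00:00 app started",
    "2030-01-01 00:00:00 clock skew, far future",
    "2001-01-01 00:00:00 clock skew, far past",
    "2016-05-11 03:00:00 batch job finished",
]


def load_window(props_text, sourcetype):
    """Read MAX_DAYS_AGO / MAX_DAYS_HENCE for one sourcetype stanza."""
    # interpolation=None so the '%' in TIME_FORMAT is not treated specially;
    # optionxform=str keeps the upper-case key names as written in props.conf.
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str
    cp.read_string(props_text)
    stanza = cp[sourcetype]
    return int(stanza["MAX_DAYS_AGO"]), int(stanza["MAX_DAYS_HENCE"])


def assign_timestamps(lines, now, max_days_ago, max_days_hence):
    """Apply the rule from the spec: an extracted date inside the window is
    kept; one outside it gets the timestamp of the last acceptable event, or
    the current time if no acceptable event has been seen yet.
    Returns a list of (assigned datetime, reason) per input line."""
    earliest = now - dt.timedelta(days=max_days_ago)
    latest = now + dt.timedelta(days=max_days_hence)
    last_ok = None
    result = []
    for line in lines:
        m = TS_RE.match(line)
        if m is None:
            raise ValueError(f"no timestamp at start of line: {line!r}")
        extracted = dt.datetime.strptime(m.group(1), TS_FMT)
        if earliest <= extracted <= latest:      # inclusive boundary: assumption
            last_ok = extracted
            result.append((extracted, "accepted"))
        elif last_ok is not None:
            result.append((last_ok, "clamped to last acceptable event"))
        else:
            result.append((now, "clamped to current time"))
    return result


def demo(lines=SAMPLE_LINES, now=NOW):
    """Run the sample through the constructed stanza; timestamps as strings."""
    ago, hence = load_window(PROPS_CONF, "my_app_log")
    return [(ts.strftime(TS_FMT), why)
            for ts, why in assign_timestamps(lines, now, ago, hence)]


if __name__ == "__main__":
    for line, (ts, why) in zip(SAMPLE_LINES, demo()):
        print(f"{ts}  {why:33s} <- {line}")
```

Two practical caveats follow from the rule itself. First, the out-of-window 2030 and 2001 events do not get the system time: they inherit the timestamp of the last acceptable event in that stream, and only fall back to the current time when no acceptable event preceded them. If the goal really is "always stamp with the system clock", props.conf also offers `DATETIME_CONFIG = CURRENT`, which assigns the current system time at indexing instead of extracting a timestamp at all. Second, these are index-time settings: they belong in props.conf on the parsing tier (indexer or heavy forwarder, not a universal forwarder), take effect only after a restart or reload, and do not alter events that are already indexed. The spec's own warning applies too: a window this tight will clamp legitimate events from hosts whose clocks or timezones run a day ahead, which is why it suggests MAX_DAYS_HENCE of at least 3 in that situation.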