Your question is just a little bit vague, because at least you should share the technologies you're using.
Anyway, my hint is to search in Splunkbase (apps.splunk.com) if there's an app for your technology that can guide you in data ingestion and presentation.
Sourcefire is unknown in apps.splunk.com, maybe you are speaking of CISCO FireSIGHT.
In this case see the Add-on to take logs (https://splunkbase.splunk.com/app/1808/) that's a part of CISCO eStreamer.
About the App, these logs are usually used in Splunk Enterprise Security; you could also look at the CISCO Suite for Splunk (https://splunkbase.splunk.com/app/5743/).
This is the best approach because otherwise, you should start to:
For this reason I hinted to search for an App, usually from the Vendor (e.g. CISCO).
Good for you, see you next time!
If this answer solves your need, please, accept one answer for the other people of Community or tell me how I can help you more.
Ciao and happy splunking
P.S.: Karma Points are appreciated 😉