You have to edit the config file of your rsyslog: /etc/rsyslog.conf
I guess you already have a basic configuration.
the less you can do is:
if ($fromhost-ip == 'IP.TO.FORWARD') then @IP.SPLUNK:1514
Do not use the port 514 of course.
Now you should receive your logs on your Splunk port UDP 1514.
You have the possibility to use TCP as well.