If you have configured Splunk to listen to udp:514, then you did configure Splunk to collect data on any server that sends syslog data on udp:514.
Use Deploy Monitor app(All Forwarder View) for checking which are the forwarders sending data.
In inputs.conf mention the ip address which should only be accepted from.
acceptFrom = <network_acl> ... * Lists a set of networks or addresses to accept connections from. These rules are separated by commas or spaces * Each rule can be in the following forms: * 1. A single IPv4 or IPv6 address (examples: "10.1.2.3", "fe80::4a3") * 2. A CIDR block of addresses (examples: "10/8", "fe80:1234/32")