Can Splunk index gzip/zip files (flat-file format)?
Yes.
http://splunk-base.splunk.com/answers/279/does-splunk-index-gzip-files
OK, good. Are there config changes that need to occur?
props.conf, transforms.conf
Nope! It indexes it right out of the box.
Pedantic reminder that "zip" != "gzip". One of these (.zip) is the venerable PKZIP format that allows multiple files within an archive. The other (.gz) is the gzip single-file compression format.
http://docs.splunk.com/Documentation/Splunk/latest/Data/Monitorfilesanddirectories#How_Splunk_Enterp...
