One of the engineers at Splunk was able to help me out. This resolved the issue for me.
disabled = 0
maxEventSize = 15728640
Here is the email I got that explains it:
To address the issue referenced below, a new global setting called maxEventSize under [http] stanza in inputs.conf has been introduced to allow customers to configure the expected maximum size of HEC event as part of these releases 7.0.5, 184.108.40.206, 7.1.3, and later.
A workaround for this issue is to have 6.x based HWFs parse the HEC events before forwarding to indexers.
Please let me know if you have any additional question.