You add it as an input. One of the configuration options is to set the sourcetype.
[monitor:///myfile/....]
sourcetype = my_sourcetype
After you have it in Splunk, you can create the extractions for it to pull the interesting fields.
I already got the logs on Splunk by using:
disabled = 0
recursive = true
index = logtest
sourcetype = mytestsourcerype
BUT I can't filter by fields; Splunk doesn't recognize the logs with the fields.
So now you need to set up Field Extractions. Check this out in the manual: http://docs.splunk.com/Documentation/Splunk/6.2.4/Knowledge/ExtractfieldsinteractivelywithIFX There are a few different ways to extract the data, but this will get you started.