not getting your solution .
can you please tell me more?

I usually do that data onboarding process with separate splunk dev/test instance to set up props.conf & transfers.conf correctly.

• Install e..g splunk trial version to your workstation/some server (you could use also developer or dev/test license for longer period)
• Get some sample data from your onboarding system
• Use Splunk -> Settings -> Add Data 
  • Upload
  • Select file (your sample file)
  • Next
  • Update as need the next settings
    • Event Break
    • Timestamp
    • Advanced
  • When your events have handled properly remember save your new sourcetype definition with "Save As" button
  • Next -> Select host + index -> Review -> Submit
  • Then search events and do fixes and fine tunings if need as many times as need. You could remove events from your test index for meshing up things or use different host name to separate versions
• After you are happy with those events then just copy your props.conf, transforms.conf and create separate TA_xyz for those. Then install it to first full splunk instance counting from UF
• Time by time there could be some definitions on props.conf which need also install to UF too!
• Also you could test if there are some search time props/transforms and develop those also on this host/environment. Later on install those onto your production

I hope that this clarify what I'm meaning for onboarding?

r. Ismo

Then it's best to do onboarding process on your own test/dev instance and update props.conf to correct places after you have fixed that issue on your test splunk.