What is the procedure to load the data into the Splunk App for Enterprise Security?
As a general statement, all data in Splunk that you want to use in ES needs to be CIM compliant. These means that the TA's used to parse events, extract and alias fields, all need to have CIM compliant mappings.
@ekost's link is a good starting point, along with : http://docs.splunk.com/Documentation/CIM/4.2.0/User/Overview
You'll find a page in the docs here that discusses data onboarding for ES.