is your event Starting with TimeReceived? i.e.
TimeReceived: 2019-05-09T05:29:03.000Z some other data xxxx yyyy zzz
If yes, Please try
[your_source_type]
SHOULD_LINEMERGE=false
NO_BINARY_CHECK=true
LINE_BREAKER = ([\r\n]+)
TIME_PREFIX = ^TimeReceived:\s
TIME_FORMAT = %Y-%m-%dT%H:%M:%S
Then restart splunkd
