To enforce security should be possible to configure a syslog listener with SSL enabled
What exactly is your question?
For sending SSL syslog data directly into Splunk, you can use a tcp-ssl input, see inputs.conf spec for details.
In general it is considered best practice not to send syslog data directly to UDP/TCP inputs, but rather use a syslog daemon (rsyslog / syslog-ng) to receive the data and write it to disk, and then use file monitor inputs to get the data into splunk.
Both rsyslog and syslog-ng support SSL syslog as far as I know, You best refer to the documentation of those tools themselves for details if you want to take that route.