I had the same problem. It is because Splunk is rotating its own log files and retaining them for 5 days, but it doesn't come with a blacklist to automatically suppress the rotated logs. Nett result: all your Splunk logs are being re-indexed at midnight, ultimately 6 times each (original file and 5 daily rotations).
I have a nice little search which demonstrates the effect:

index="_internal" source="*license_usage.log" | eval ISODate=strftime(strptime(date_year."-".date_month."-".date_mday, "%Y-%b-%d"), "%Y-%m-%d (%a)") | eval kB=b/1024 | chart eval(round(sum(kB),0)) over date_hour by ISODate limit=0  | addcoltotals labelfield=date_hour

You if you activate the "heat map" presentation you will probably instantly see a red blip just after midnight every day.

You don't really want to suppress them completely if you want to learn anything about Splunk, and they are your ultimate source of information if you ever come to diagnose problems. (Not even sure that they can be suppressed.) You can reduce the effect, though: put the following in $SPLUNK_HOME/etc/system/local/inputs.conf in the [defaults] stanza (creating it at the top of the file if need be):

blacklist = .*\.([0-9]+|gz|bz2)$

Then restart Splunk.

You will now have suppressed any log files with sequence numbers or that have previously been compressed. Obviously this does not work retrospectively, but from here on you should only have your live daily splunk logs indexed, and any rotations will be ignored. This has the benefit of applying the same default blacklist across the board.

It is possible to see which input sources are being consumed and which not, in real time, but only by tinkering with your access configs first.

The URL is:

https://{yoursplunkserver}:8089/services/admin/inputstatus/TailingProcessor:FileStatus

It will tell you what needs changing to make it work.