Extracting the time stamps is done on the indexer and not the forwarder (unless it's a heavy forwarder of course). Assuming you are using a heavy forwarder here? If it's the universal forwarder then you'll need to move those settings to the indexer for that sourcetype.

It looks like you've got the right settings on TIME_FORMAT except you have '/' in there and i'm guessing that will also be an issue. Try this:

TIME_FORMAT = %d %m %Y %H:%M:%S

Take a look at the docs for the different types of forwarders:

http://docs.splunk.com/Documentation/Splunk/6.0/Forwarding/Typesofforwarders

You should check the splunkd.log on your forwarder (it's in $SPLUNK_HOME\var\log\splunk\splunkd.log). I see a couple of issues with your config:

You have a stanza with [sourcetype:<mysourcetype>]. You don't need to specify sourcetype in the stanza, but if you do, it should be with TWO colons. So, either [sourcetype::mysourcetype] or just [mysourcetype].

Then, you have a TIME_PREFIX consisting of a sole ]. I'm not entirely sure how this is handled, but ] is a special character in regular expressions, which is what's used for TIME_PREFIX. If you want to match a literal ] you should escape it - TIME_PREFIX = \]

Finally it's useless to have field extractions on a forwarder. Field extraction happens at search-time, so all those definitions should go on the Splunk instance you're searching on only. It doesn't throw an error if you put that kind of stuff on a forwarder, there's just no reason for it to be there.