I had to import some old gzipped log files - so I simply did a:
splunk add oneshot /var/log/mylogfile.1.gz
The problem was that the source type was /var/log/mylogfile.1.gz and not /var/log/mylogfile - breaking some of the field extractions I use. I found that I could not use wildcards in the source to capture the field extraction, and I couldn't use sourcetype as there were multiples.
1. I figured out the ranges of the data and deleted it using a search
2. I readded the data using a oneshot with a rename-source
splunk add oneshot /var/log/mylogfile.1.gz -rename-source /var/log/mylogfile
(repeat multiple times for each compressed logfile of the same name)
Problem solved - though this will go against your quota as the data is being re-indexed.