Because this app stores a number of passwords and secrets in an encrypted format, I can't copy and put the the app on our deployment server as I normally do with other apps. Does anyone have a method for deploying the Splunk Azure Monitor from a Deployment Server to a heavy forwarder?
You actually can. You just need to copy the splunk.secret file on your Deployment Server to all of the destinations. This is trivial to do before you start Splunk for the first time, however you can do it after the fact; see here: