My first suggestion is that you should check the permissions and file ownership of everything in app on the Deployment Server, including the directory itself.
Second, you should check that all the files on the Splunk Forwarder belong to the user account that runs the forwarder, and that the permissions are set so that it can write to the app directory.
Finally, have you obfuscated some of the information from the log file? What exactly is the name (or names) of the app involved? The log file looks a bit strange to me.