'app' field not extracting UFW events correctly

[ZachChristensen28]

The app field defaults to the value "iptables" instead of the correct value of ufw.

to fix:

update props.conf to the following:

...
EVAL-app = case(match(log_prefix, "(?i)ufw"), "UFW", match(log_prefix, "(?i)_REJECT|_DROP"), "firewalld", true(), "iptables")
...