add custom props.conf for Splunk TA for Zeek and update logger_bootstrap

Vagrant/resources/splunk_server/zeek_ta_props.conf

@@ -0,0 +1,12 @@
+[zeek:json]
+DATETIME_CONFIG =
+INDEXED_EXTRACTIONS = json
+KV_MODE = none
+LINE_BREAKER = ([\r\n]+)
+NO_BINARY_CHECK = true
+category = Structured
+description = Zeek JSON sourcetype with fixed timestamp parsing.
+disabled = false
+pulldown_type = true
+TIMESTAMP_FIELDS = ts
+TIME_FORMAT = %s.%6N