Channel: Questions in topic: "splunk-enterprise"

What should a stream metric regex look like for AWS Addon CloudWatchLogs

Hello, I need to stream access_logs from AWS from different directories such as /directory/subdirectory1/subdirectory2/subdirectory3/**various cryptic numbers**/var/log/apache2/access.log.

I would need something like /ecs/service/apache-tls10/PROD-apache-tls10/\*/var/log/apache2/access.log because .\*/var/log/apache2/access.log sends too many logs, since there are other directories in the log_group starting with a different directory name which we do not need to index.

Reading the docs and Splunk Answers did not point me to a useful example explaining exactly what a 'stream matching regex' should look like. Whatever I try, I find this entry in _internal:

```
2019-09-05 06:04:01,758 level=ERROR pid=19218 tid=MainThread logger=splunk_ta_aws.modinputs.inspector pos=util.py:__call__:163 | | message="Failed to execute function=run, error=Traceback (most recent call last):
  File "/opt/splunk/etc/apps/Splunk_TA_aws/bin/3rdparty/splunktalib/common/util.py", line 160, in __call__
    return func(*args, **kwargs)
  File "/opt/splunk/etc/apps/Splunk_TA_aws/bin/splunk_ta_aws/modinputs/inspector/__init__.py", line 53, in run
    _do_run()
  File "/opt/splunk/etc/apps/Splunk_TA_aws/bin/splunk_ta_aws/modinputs/inspector/__init__.py", line 30, in _do_run
    aiconf.AWSInspectorConf, "aws_inspector", logger)
  File "/opt/splunk/etc/apps/Splunk_TA_aws/bin/splunk_ta_aws/common/ta_aws_common.py", line 136, in get_configs
    tasks = conf.get_tasks()
  File "/opt/splunk/etc/apps/Splunk_TA_aws/bin/splunk_ta_aws/modinputs/inspector/aws_inspector_conf.py", line 60, in get_tasks
    _cleanup_checkpoints(tasks, config)
  File "/opt/splunk/etc/apps/Splunk_TA_aws/bin/splunk_ta_aws/modinputs/inspector/aws_inspector_conf.py", line 119, in _cleanup_checkpoints
    internals = store.get_state("internals")
  File "/opt/splunk/etc/apps/Splunk_TA_aws/bin/3rdparty/splunktalib/state_store.py", line 155, in get_state
    state = json.load(jsonfile)
  File "/opt/splunk/lib/python2.7/json/__init__.py", line 291, in load
    **kw)
  File "/opt/splunk/lib/python2.7/json/__init__.py", line 339, in loads
    return _default_decoder.decode(s)
  File "/opt/splunk/lib/python2.7/json/decoder.py", line 364, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/opt/splunk/lib/python2.7/json/decoder.py", line 382, in raw_decode
    raise ValueError("No JSON object could be decoded")
ValueError: No JSON object could be decoded
"
```

Can anyone provide an example for that, please?
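The following is an added example, not part of the original question and not code from the Splunk add-on. It compares three candidate patterns for the path layout described in the question, assuming the stream matcher is evaluated as a Python regular expression against the full log stream name. The stream names, the `select` helper and the pattern labels are constructed for illustration; because the add-on's exact matching call is not stated on this page, each pattern is checked under `match`, `search` and `fullmatch`.

```python
import re

# Constructed sample log stream names (not taken from a real log group).
STREAMS = [
    "/ecs/service/apache-tls10/PROD-apache-tls10/8f3a1c07/var/log/apache2/access.log",
    "/ecs/service/apache-tls10/PROD-apache-tls10/02b97e41/var/log/apache2/access.log",
    "/ecs/service/apache-tls10/PROD-apache-tls10/02b97e41/var/log/apache2/error.log",
    "/ecs/service/other-app/PROD-other-app/77d0c5aa/var/log/apache2/access.log",
]

CANDIDATES = {
    # Glob-style "*": as a regex, "/*" means "zero or more slashes",
    # not "any directory name", so nothing is selected.
    "glob_style": r"/ecs/service/apache-tls10/PROD-apache-tls10/*/var/log/apache2/access.log",
    # Valid regex, but it also selects access logs under other prefixes.
    "too_broad": r".*/var/log/apache2/access\.log",
    # Anchored at both ends; "[^/]+" stands for exactly one path segment
    # (the varying identifier), and the dot in "access.log" is escaped.
    "anchored": r"^/ecs/service/apache-tls10/PROD-apache-tls10/[^/]+/var/log/apache2/access\.log$",
}

MODES = ("match", "search", "fullmatch")


def select(pattern, streams, mode="match"):
    """Return the stream names the pattern selects under the given re mode."""
    test = getattr(re.compile(pattern), mode)
    return [name for name in streams if test(name)]


def report(streams=STREAMS):
    """Map (label, mode) to the list of selected stream names."""
    return {
        (label, mode): select(pattern, streams, mode)
        for label, pattern in CANDIDATES.items()
        for mode in MODES
    }


if __name__ == "__main__":
    for (label, mode), hits in report().items():
        print(f"{label:10} {mode:9} -> {len(hits)} stream(s)")
        for name in hits:
            print("    " + name)
```

Because the anchored pattern carries its own `^` and `$`, it selects the same two streams under all three modes, so the result does not depend on which one the input uses.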
