I need help with setting these wild cards, it seems like Splunk is not picking up the file in the sub folders. Logs are in:
/opt/app/nv/vtest/test1/logs/mylLogs/file1/file2/testing/year/month/day/day/APP-blah-blah-bhal-LOG
There is data in the sub folder in `/year/month/day/day`/, and then there are the file names that seem random, but start with APP and end with LOG.
Below is what I have set up and no data is coming in.
[monitor:///opt/app/nv/vtest/test1/logs/mylLogs/file1/file2/testing/.../.../.../.../APP*LOG]
disabled = false
recursive = false
sourcetype = blah
index = foofooblahhhhhh
↧