Dear Experts,
I am trying to blacklist a log file.
My Stanza looks like this which is located in /opt/splunkforwarder/etc/apps/search/local/inputs.conf
[monitor:///www/a/logs/*.log]
blacklist = /www/a/logs/hotimportexport.log
disabled = false
index = main
sourcetype = Test
Can someone please tell me why my blacklist is not working?
Thanks,
Try removing the full path name from the blacklist attribute.
[monitor:///www/a/logs/*.log]
blacklist = hotimportexport.log
disabled = false
index = main
sourcetype = Test