I have 3 types of log file names, ones that simply end with .log.2018 (eg: dc1-sms.log.2018), others end with -error.log.2018 (eg: dc1-sms-error.log.2018), -access.log.2018 (dc1-sms-access.log.2018).
I am trying to match files that end with:
.log.2018
or
-error.log.2018
and not
-access.log.2018
Basically a dc1-sms(!access)*.log.2018 would suffice, but obviously this does not work.
I tried several combinations ofr wildcards and regex, but without success.
I want to be able to do this from the [monitor://<path>] part of the config because the way our app is built, I only have access to that part of Splunk config.
... View more