Hi Yves, Unfortunately this is not possible. Possible solutions: * Set up a separate module instance for each subdirectory. * Run as root so that lost+found does not generate a permission error. * Create a directory elsewhere containing soft/hard links to the subdirectories you want to be monitored. * Delete lost+found.
Obviously each of the above has some drawbacks. Regards, Botond On Wed, 01 Oct 2014 08:40:59 -0600 Yves Dorfsman <y...@zioup.com> wrote: > > I have: > > <Input mylogs> > Module im_file > File /logs/*.log > Exec $filename = file_name(); > </Input> > > > But /logs is a filesystem, and now I keep getting an error that it can't read > /logs/lost+found. Is it possible to ignore a directory with im_file? > > > Thanks. > > -- > Yves. > > ------------------------------------------------------------------------------ > Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer > Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports > Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper > Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer > http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk > _______________________________________________ > nxlog-ce-users mailing list > nxlog-ce-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nxlog-ce-users ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ nxlog-ce-users mailing list nxlog-ce-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nxlog-ce-users
