I am trying to ignore the fields a4, a5, a6....., a1100 from my audit logs and tried applying prune filter plugin with setting blacklist_names, but I see the fields a4, a5, a6..... are still incoming.
Can someone let me know if this is the correct way we use regex for prune Or suggest any way to achieve this particular scenario where I can ignore a specific set of fields?
Below is the setting that was implemented:
blacklist_names => ["^a[4-9][0-9][0-9][0-9]"]
add_tag => [ "pruned" ]