Tried 1:
[default]
index=sfs

[monitor:///web/logs/sfs/GCTIRServices*]
disabled=false

Tried 2:
[default]
index=sfs

[monitor:///web/logs/sfs/GCTIRServices*]
disabled=false
index=sfs

Tried 3:
[monitor:///web/logs/sfs/GCTIRServices*]
disabled=false
index=sfs

I tried all above 3 options before posting this question. It is still going to main index.