Hi experts,
I have a problem monitoring a single file, for example /var/log/messages.
I added a monitor:
$ ./splunk add monitor /var/log/messages -index testindex -sourcetype linux_log
But the results are not showing up in the Splunk search console (web GUI).
I even changed the file content and retried.
It works if I add a monitor on the /var/log directory:
$ ./splunk add monitor /var/log/ -index testindex -sourcetype linux_log
Does Splunk monitoring require a directory?