I have a text file that I cannot index, I KNOW it's text, I can vi the file with :set list and there are no hidden characters or formatting. In fact I deleted the file and created it with the name "wtmp" from scratch and STILL I cannot index this file as Splunk claims it is binary! What is going on?
Any files with the extensions listed in the source stanza, or files named wtmp or lastlog will not be indexed as Splunk considers them Binary files. If you have a log with these reserved names, change the name and your log should be indexed.
If you are working with trying to index wtmp itself, there is a great post here to help you accomplish that.