I have one file - 101-wallet42A_yyyyMMdd_hhmm.log - which is a binary file in a directory full of log files I'm having forwarded to my indexer.
How can I put in an exclusion so this file will not be accessed by the forwarder?
To exclude this file from being picked up by the forwarder, I think you can use a blacklist (see http://docs.splunk.com/Documentation/Splunk/5.0.1/Data/Whitelistorblacklistspecificincomingdata)
Very cool. Exactly what I needed. Thanks dude.