Only run Yara module on unknown files

[reuteras]

If I understand correctly it is only possible limitation for the Yara ingest module is to only have it run on executable files, otherwise all files are checked. Would it be possible to have an option to exclude every known (good or bad) file based on hash sets? Those files are already known to be good (or bad) and can be excluded from yara rules to speed up ingest.