SnaffCon / Snaffler

A tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 (Twitter: @/mikeloss and @/sh3r4_hax)

Add flag/config for "lastModifiedWithin"

harrisonSoS opened this issue

It'd be nice to have a config item to only pilfer files e.g. last modified in the last 4 years, which will help reduce noise of creds that have since been rolled.

It could very well already exist but I don't see such an option in the README/sample config.

Last modified date is already being collected - can you not do your filtering on the log file?

Are there efficiencies to be made in pulling file metadata, then only proceeding to pull / parse / pilfer if the file was last modified within the last X?

Yeah, actually there would be.

If you want to take a swing at implementing this, here's roughly what you'd need to do:

Add a thing to handle a ClassifierRule.MatchLocation using the modified date into:
https://github.com/SnaffCon/Snaffler/blob/master/SnaffCore/Classifiers/FileClassifier.cs

Then (assuming you want to be able to pass the date as an argument) you'd need to add a thing to parse that arg, generate a discard rule using that modified date, and insert it into the ruleset at runtime.

If you don't wanna try it yourself, I'll probably get to it eventually, but probably not soon.
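
The steps outlined above (parse the argument, generate a discard rule from the modified date, insert it into the ruleset at runtime) are sketched below as an added example. It is not code from this thread or from Snaffler. Every type and member name is hypothetical, and the `4y` / `18m` / `30d` argument format is an assumption.

```csharp
// Added illustration, not Snaffler code. All type and member names are hypothetical.
using System;
using System.Collections.Generic;
using System.Globalization;
using System.IO;
using System.Linq;
public static class ModifiedWithinFilter
{
    // Parses "4y", "18m" or "30d" (assumed format) into a UTC cutoff back from nowUtc.
    public static DateTime ParseCutoff(string arg, DateTime nowUtc)
    {
        if (string.IsNullOrWhiteSpace(arg) || arg.Length < 2)
            throw new ArgumentException("expected <number><d|m|y>, e.g. 4y");
        if (!int.TryParse(arg.Substring(0, arg.Length - 1), NumberStyles.None,
                          CultureInfo.InvariantCulture, out int n) || n <= 0)
            throw new ArgumentException("expected a positive whole number before the unit");
        switch (char.ToLowerInvariant(arg[arg.Length - 1]))
        {
            case 'd': return nowUtc.AddDays(-n);
            case 'm': return nowUtc.AddMonths(-n);
            case 'y': return nowUtc.AddYears(-n);
            default: throw new ArgumentException("unit must be d, m or y");
        }
    }

    // Discard rule generated at runtime: true means "skip without opening the file".
    public static Func<FileInfo, bool> BuildDiscardRule(DateTime cutoffUtc) =>
        fi => fi.LastWriteTimeUtc < cutoffUtc;
    // Metadata-only pass: discard rules run first, so skipped files are never read.
    public static IEnumerable<FileInfo> Survivors(
        IEnumerable<FileInfo> files, IList<Func<FileInfo, bool>> discardRules) =>
        files.Where(fi => !discardRules.Any(rule => rule(fi)));

    public static void Main()
    {
        // Constructed sample: two temp files, one backdated five years.
        var dir = Directory.CreateDirectory(
            Path.Combine(Path.GetTempPath(), Path.GetRandomFileName()));
        foreach (var name in new[] { "old.config", "new.config" })
            File.WriteAllText(Path.Combine(dir.FullName, name), "x");
        File.SetLastWriteTimeUtc(Path.Combine(dir.FullName, "old.config"),
                                 DateTime.UtcNow.AddYears(-5));
        var rules = new List<Func<FileInfo, bool>>();
        rules.Insert(0, BuildDiscardRule(ParseCutoff("4y", DateTime.UtcNow)));
        foreach (var fi in Survivors(dir.GetFiles(), rules))
            Console.WriteLine(fi.Name + " kept for content inspection");
        dir.Delete(true);
    }
}
```

Comparing in UTC keeps the cutoff independent of the scanning host's time zone.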