Troubleshooting CTI
Community support
Please try to resolve your issue by reading the documentation. If you're unable to find a solution, don't hesitate to seek assistance in:
False Positive
How to Get Tagged as a False Positive
To be able to be classified as a false positive, you need a proper technical justification of why your IP might be misclassified as a threat. This part is to be reviewed and validated by crowdsec. To be classified as a false positive, you need a technical justification for why your IP might be misclassified as a threat. This is reviewed and validated by CrowdSec.
You also need public documentation stating the IP, ranges, and/or reverse DNS associated with the assets in question. This data must be machine-readable (no HTML, no PDF, etc.).
Once your IP addresses are publicly available and accessible via HTTPS, you can contact support@crowdsec.net. Please include the URL of your IPs and ranges.
The CrowdSec team will then update CTI false-positive data so your IPs are flagged correctly.
Here are some examples of providers who share their IPs and ranges:
