cscli scenarios install crowdsecurity/http-generic-testThis scenario is meant to check if crowdsec is correctly configured, this will trigger an alert, but no decision.
curl http://<your-ip>:<port>/crowdsec-test-NtktlJHV4TfBSK3wvlhiOBnl
You will see in your crowdsec logs:
time="2025-06-12T16:59:45+02:00" level=info msg="Ip <your-ip> performed 'crowdsecurity/http-generic-test' (1 events over 0s) at 2025-06-12 14:59:45.636887959 +0000 UTC"
time="2025-06-12T16:59:46+02:00" level=info msg="(<local API login>) alert : crowdsecurity/http-generic-test by ip <your-ip> xxxxxx"
time="2025-06-12T16:59:47+02:00" level=info msg="Signal push: 1 signals to push"cscli alert list will present you this alert as well. Please note that this
scenario won't trigger any decision, and result in any remediation.
If you don't see anything in logs nor in the alerts list, then you can assume an issue in your setup
Beware this WON'T work with local ips (see whitelists that are installed by default)
1# EICAR style scenario2# This scenario is used to test CrowdSec installation and configuration and doesn't generate any decisions.3type: trigger4name: crowdsecurity/http-generic-test5description: "Crowdsec Generic Test Scenario: basic HTTP trigger"6filter: evt.Meta.log_type in ["http_access-log", "http_error-log"] and7 evt.Meta.http_path == "/crowdsec-test-NtktlJHV4TfBSK3wvlhiOBnl"8blackhole: 5m9groupby: "evt.Meta.source_ip"10labels:11 confidence: 012 spoofable: 313 behavior: "http:test"14 label: "CrowdSec Generic Test Scenario"15 service: http16 remediation: false17