Hi,
I’m looking at Arkime and see a particular IP that has been appearing all the time. This is obviously a false positive, and I would like to exclude it from further scanning.
I selected all and then added a tag: “exclude scanning,” which didn’t help at all. I can still see the same IP address when I search for it.
Do you know exactly what needs to be done to exclude IPs from further scanning?
Thank you,
Regards