diff --git a/cmd/crowdsec/crowdsec.go b/cmd/crowdsec/crowdsec.go
index 6f75daf5c..d51fe2d79 100644
--- a/cmd/crowdsec/crowdsec.go
+++ b/cmd/crowdsec/crowdsec.go
@@ -70,11 +70,12 @@ func runCrowdsec(cConfig *csconfig.Config, parsers *parser.Parsers) error {
 	parserWg.Wait()
 
 	bucketWg := &sync.WaitGroup{}
-	log.Infof("BucketsGCEnabled: %v", cConfig.Crowdsec.BucketsGCEnabled)
+	//Only start the blackhole GC routine if buckets GC is not enabled, ie we are replaying a file
+	//This is because the GC routine expects events to happen in real time, which is not the case during a replay.
 	if !cConfig.Crowdsec.BucketsGCEnabled {
 		bucketsTomb.Go(func() error {
 			bucketWg.Add(1)
-			leakybucket.CleanupBlackhole(&bucketsTomb)
+			leakybucket.BlackholeGC(&bucketsTomb)
 			bucketWg.Done()
 			return nil
 		})
diff --git a/pkg/leakybucket/blackhole.go b/pkg/leakybucket/blackhole.go
index 19b3efd0b..1a40bacaf 100644
--- a/pkg/leakybucket/blackhole.go
+++ b/pkg/leakybucket/blackhole.go
@@ -30,7 +30,18 @@ func NewBlackhole(bucketFactory *BucketFactory) (*Blackhole, error) {
 	}, nil
 }
 
-func CleanupBlackhole(bucketsTomb *tomb.Tomb) error {
+func CleanupBlackhole(lastEvent time.Time) {
+	BlackholeTracking.Range(func(key, value interface{}) bool {
+		cleanupDate := value.(BlackholeExpiration).blExpiration
+		if cleanupDate.Before(lastEvent) {
+			log.Debugf("Expiring blackhole for %s", key)
+			BlackholeTracking.Delete(key)
+		}
+		return true
+	})
+}
+
+func BlackholeGC(bucketsTomb *tomb.Tomb) error {
 	ticker := time.NewTicker(10 * time.Second)
 	for {
 		select {
@@ -42,14 +53,7 @@ func CleanupBlackhole(bucketsTomb *tomb.Tomb) error {
 			})
 			return nil
 		case <-ticker.C:
-			BlackholeTracking.Range(func(key, value interface{}) bool {
-				cleanupDate := value.(BlackholeExpiration).blExpiration
-				if cleanupDate.Before(time.Now().UTC()) {
-					log.Debugf("Expiring blackhole for %s", key)
-					BlackholeTracking.Delete(key)
-				}
-				return true
-			})
+			CleanupBlackhole(time.Now().UTC())
 		}
 	}
 }