Powered by Zoomin Software. For more details please contactZoomin

Flowmon ADS User Guide

Table of Contents

Main Application Menu

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: April 5, 2026
  • 2 minute read
    • Flowmon Products
    • Flowmon Anomaly Detection System
    • Documentation

The main application menu is a basic guidepost to all perspectives and features available in the application. The currently selected menu item is always highlighted. The main application menu can be collapsed and this increases the workspace area available to the user. You can use the icon with three parallel lines in the top-right corner of the menu to collapse or enlarge the application menu. You can move between the individual subsections within one section using the tabs in the user workspace. Related functions and views are brought together in joint groups. The main application menu contains the following items:

Analysis

This part of the GUI contains an overview of the current network status. It consists of two tabs - Methods and IDS Categories. The IDS Categories tab is only available when the IDS Collector is enabled (for more information, refer to the IDS Collector page). The tabs consist of the following sections:

  • Flows: A chart that visualizes the number of flows processed by the Flowmon ADS module in time. The current flow processing status is displayed next to the chart. Note that this section is available only on the Methods tab.

  • Events: Visualization of the detected events in time using the stacked column chart. The purpose of this chart is to visualize the ratio of the count of the detected events.

  • Events by priority: The list of detected event types ordered according to their priority (based on the chosen Perspective). It is possible to expand each row with the event type to inspect particular detected events.

Events

In this section, there are various views on events:

  • Simple list: Simple list of events that enables advanced searching and filtering of events.

  • By MITRE ATT&CK: A view of events grouped by MITRE ATT&CK tactics.

  • By hosts: A view of events grouped by IP addresses that are related to the events.

  • Aggregated view: The aggregated view brings together events of the same type that took place on individual devices into continuous blocks that are then graphically displayed on the timeline.

Reports

This section allows you to define chapters for reports. The report chapters specify the content that should be included in the reports (see Reports for more information). The reports themselves can be found in the Flowmon Dashboard and Reports.

Settings

Contains functions used to configure and manage the application. The section is categorized into tabs by importance. Processing (the most commonly used tab) is followed by System settings and Maintenance.

Configuration and management of the application is described in the Installation and configuration chapter. This chapter does not document the functions of the Settings section.

Logs

This section contains a list of actions that were performed by users of the application. It is possible to filter these actions according to their type or detail.

About

This section contains the name of the module, its version, and information about the license type together with its expiration date. It is also possible to find brief information about the module together with a description of the basic principles that the module is based on.

TitleResults for “How to create a CRG?”Also Available inAlert