Powered by Zoomin Software. For more details please contactZoomin

Flowmon Application for QRadar User Guide

Table of Contents

Activities of a specific IP address

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: May 1, 2026
  • 1 minute read
    • Flowmon Products
    • Flowmon Anomaly Detection System
    • Documentation

In the Dashboard, we have selected several detection methods. One of the peaks corresponds to DIRINET (Direct internet communication). By clicking on the bar in the chart, we open the details below with a donut chart and list of IP addresses.

Dashboard showing DIRINET peak with detailed information
Dashboard showing DIRINET peak with detailed information

We apply the first IP address with the highest count as the Source IP to the graph. This provides an overview about detected activities throughout the day.

Graph showing activities of a specific IP address over time
Graph showing activities of a specific IP address over time

The graph reveals several ANOMALY events along with predominantly DIRINET activities.

TitleResults for “How to create a CRG?”Also Available inAlert