Cisco Firepower Management Center 4000

FireSIGHT System User Guide
 
Chapter 4      Using the Context Explorer
  Understanding the Context Explorer
Understanding the Traffic and Intrusion Event Counts Time Graph
License: FireSIGHT
At the top of the Context Explorer is a line chart of traffic and intrusion events over time. The X-axis 
plots time intervals (which range from five minutes to one month, depending on the selected time 
window). The Y-axis plots traffic in kilobytes (blue line) and intrusion event count (red line).
Note that the smallest X-axis interval is five minutes. To accommodate this, the system will round the 
beginning and ending points in your selected time range down to the nearest five-minute interval.
By default, this section shows all network traffic and all generated intrusion events for the selected time 
range. If you apply filters, the chart changes to display only traffic and intrusion events associated with 
the criteria specified in the filters. For example, filtering on the OS Name of Windows causes the time
graph to display only traffic and events associated with hosts using Windows operating systems.
If you filter the Context Explorer on intrusion event data (such as a Priority of High), the blue Traffic line
is hidden to allow greater focus on intrusion events alone.
You can hover your pointer over any point on the graph lines to view exact information about traffic and 
event counts. Hovering your pointer over one of the colored lines also brings that line to the forefront of 
the graph, providing clearer context.