Abstract
We present an extended version of targeted projection pursuit, a high dimensional data exploration tool adapted for producing graph layouts using node-attributes. Attributes are generated based on detected events in the intrusion detection system and firewall logs and how often they occur for each IP address. Edges are the directed links between source and destination IPs. The layout is interactive and users can manipulate the points in order to find interesting layouts and then further analyse how these layouts are related to the events in the logs. Thus, they first allow the user to detect anomalies and then gives them a platform to investigate why they occur.