# Graph Analysis Teiren SIEM offers two types of graph analysis - User Analysis and IP Analysis. ## User Analysis

This analysis allows you to view all accounts registered with the applications, including AWS and TEIREN SIEM accounts. The details presented include the account's resource, account name, detection count, most recent detection, recent event, and the time of the recent event.

By opening the 'Graph Details' modal of an account, you can see the detected flow of events associated with that account, as identified by the rule sets. In another tab, you can view each detection in a table format, with each detection's threat alert linking to the Threat Alerts detail page for more information. ## IP Analysis This analysis provides a view of the network traffic for each resource registered with TEIREN SIEM. It presents a comprehensive picture of network interactions, helping users understand their network patterns better and detect any anomalies. By providing both User Analysis and IP Analysis, our Graph Analysis feature offers a comprehensive and visual way of understanding your log data and any potential threats. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.teiren.io/teiren-siem/features/threat-management/graph-analysis.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.