Some attack events do not have details on the connection and appear incomplete. There may be missing Destination IP, Protocol, or Source IP information.
Some events are triggered before a connection is established or after a socket has been killed, so those details are unavailable.