The overall development of the internet allows internet attacks to occur, which can cause damage to a system. Threats and attacks on internet networks are more vulnerable to the surface because the internet is fully open to users. We need data protection from threats and attacks to maintain confidentiality, availability, and system information. Threats or disturbances can be referred to as anomalies. Anomaly detection is needed to prevent changes in traffic flow. Anomaly detection is one of three techniques of the Intrusion Detection System (IDS). Network characteristics tracked by network anomaly detection programs at scale include packets, bandwidth, bytes, traffic volume, and the used protocols. Suspicious events are recorded in Interface, IP Group, Transmission Control Protocol (TCP), User Data Protocol (UDP), and Internet Control Message Protocol (ICMP) reports. Therefore, this research was carried out to detect anomalies using the Machine Learning algorithm: Decision Tree. This study analyzed 4998 records with 34 attributes, with one attribute as a class. Using the decision tree method, the highest accuracy results are 99.95%.