Feature
Resolution: Done
Customer problems:
As a customer, I want to be able to see the external IP addresses of the entity that has caused an Unauthorized Network Flow policy alert so I can better identify the source and investigate whether it could come from a malicious actor. For example, I could use that IP to check the logs of my perimeter defense tool and correlate the data.
Acceptance Criteria:
Unexpected Network Flows should include an IP address if External IPs are enabled for the cluster and the traffic is to/from an external entity.
Example: replace `Destination/Source: External Entities` with the IP address.