In recent years, machine learning and deep learning based methods for intrusion detection systems (IDSs) have received great attention from many researchers. IDS datasets have been used to evaluate and analyse these methods. Because of the popularity and complication, the requirement to deeply explore the optimication of clustering, which is known as one of the most useful technique, not only reducing the amount of data but also keeping its characteristics, is necessary for these datasets. In this paper, we focus on analysing the characteristies of IDS common datasets. In addition, we also evaluate the clustering properties and discover the  optimal number of clusters which should be divided from a dataset. The experiment has been conducted on six datasets NSL-KDD, UNSW-NB15, and four versions of CTU-13 (08, 09, 10, and 13). Using Elbow and Silhouette methods to determine the optimisation of clustering a dataset has revealed that some datasets should be divided into two or three clusters while some should keep their original forms.