Csf and directadmin do I need to do more than just installing?

I noticed today there were a lot of bruteforce attacks but the ip was not banned by csf

Is there any thing else I need to do after installing csf so directadmin and csf work together?

You can always finetune. If you use the install.directadmin.sh most things should be fine.
However, CSF does not react on the bruteforce monitor of DA itself, so attempts to login to the control panel.
You can create a script for that or search the forums of alternative ways. There are several topics about it.

Like this thread:
http://forum.directadmin.com/showthread.php?t=44839

Thanks so directadmin bruteforce does nothing ? Only let me know that an ip is trying to break into server ?

DA bruteforce does detect bruteforces to the DA system and can block them if set in the admin configuration. But then you have the DA and the CSF blocking system, which makes it more work to lookup blocked ip's if some customer is blocked.

It just makes things a lot easier and more configurable doing it via CSF.

The better link is this one:
https://help.poralix.com/articles/how-to-block-ips-with-csf-directadmin-bfm