Security Operations
Monday, 22 June 2026 · Threat level: Elevated · 4 active incidents
Requests / 1h
142,380
+8.2% from last hour
Blocked
1,247
0.87% of traffic
Active Devices
384
of 412 enrolled
DNS Queries / 1h
2.1M
Resolver healthy
Policy Violations
23
5 new in 30 min
Gateway Access Logs · Live
| Time | Identity | Source IP | Destination | Action |
|---|---|---|---|---|
| 11:47:08 | [email protected] | 192.168.12.44 | soc.onesecuritydivision.com | Allow |
| 11:47:05 | Unknown | 45.79.110.22 | soc.onesecuritydivision.com/admin | Block |
| 11:47:01 | [email protected] | 192.168.3.102 | pastebin.com | Warn |
| 11:46:58 | soc-admin | 10.0.1.5 | ssh://infra-db-prod-01 | Allow |
| 11:46:52 | Unknown | 179.60.147.3 | hr.onesecuritydivision.com | Block |
| 11:46:47 | [email protected] | 192.168.5.78 | t.me | Block |
| 11:46:40 | [email protected] | 192.168.8.201 | confluence.osd.com | Allow |
Threat Detections · 4 active
Data Exfiltration Attempt
230 MB upload to mega.nz · [email protected]
SSH Brute Force
172 attempts from 45.79.110.22
Policy Violation
Social media access blocked by GW-SNS
Unmanaged Device
MAC F4:5C:89:2A, no posture record
Device Posture · 2 issues
W
OSD-WKS-0041 · budi.santoso
M
OSD-MBP-0018 · dewi.rahma
L
OSD-SRV-DB01 · production
?
Unknown device · F4:5C:89:2A
Gateway Policies · 5 active
Block Social Media
all-users · DNS + HTTP inspect
ZTNA, Internal Apps Only
contractor-group
Block File Upload to Cloud Storage
all-users · TLS inspect
SSH via Cloudflare Tunnel
soc-admin-group
Require Device Posture Check
Disabled · all-users
DNS Gateway, Top Blocked
| Domain | Category | Hits | Action |
|---|---|---|---|
| t.me | Messaging | 382 | Block |
| mega.nz | File Sharing | 247 | Block |
| instagram.com | Social Media | 201 | Block |
| pastebin.com | Suspicious | 44 | Warn |
| malware-c2.xyz | Known C2 | 3 | Block |
| coinminer.ru | Cryptominer | 1 | Block |