SerSOC — Dashboard

Critical

—

Open alerts

High

—

Open alerts

Medium

—

Open alerts

Low

—

Open alerts

SentinelOne

Idle

—

Critical

—

High

—

Medium

—

Low

—

Not connected

Adlumin

Idle

—

Critical

—

High

—

Medium

—

Low

—

Not connected — add token in Settings

Cloudflare

Idle

—

Critical

—

High

—

Medium

—

Low

—

Not connected — add token in Settings

—

Source	Customer	Alert Name	Severity	Alert Status	Mitigation	Verdict	Assigned To	Reported
No alerts — connect a source in Settings

Source	Customer	Alert Name	Severity	Alert Status	Mitigation	Verdict	Assigned To	Reported
Connect SentinelOne to load

SentinelOne API

Connects to /web/api/v2.1/unifiedalerts/graphql. Generate your token in the console under Settings → Users → Service Users.

Console Base URL Hostname only — any trailing path is stripped automatically.

API Token

Account ID (optional — scopes results to one account) Find it in the portal URL or under Settings → Account. Leave blank to fetch all accessible accounts.

Field Inspector

If alert names or severities look wrong, click Inspect to see the raw fields from the first alert returned by the API. This helps identify the correct field paths for your S1 version.

Adlumin API

Connects to api.adlumin.com/v1/detections using x-api-key authentication. Find your API key and Tenant ID in your Adlumin console under Account Settings → API Access.

API Token

Portal URL (for deep links) Used to generate clickthrough links to alerts. Leave blank for default.

Tenant ID (required)

Field Inspector

If alert names or severities are wrong, inspect the raw API response to identify the correct field paths returned by your Adlumin instance.

Cloudflare Security Insights

Connects to the Cloudflare Security Center API to fetch open security issues. Create an API Token at dash.cloudflare.com → My Profile → API Tokens with Account · Security Insights · Read permission.

Account ID

API Token

Proxy Worker

The proxy worker bypasses browser CORS restrictions so SerSOC can reach SentinelOne and Adlumin from any browser. Deploy it once to your Cloudflare account — no local server needed. You need a Cloudflare API Token with Workers Scripts:Edit permission.

Current Proxy URL

Edit and click Save to point the dashboard at an existing worker URL.

Deploy to Cloudflare Workers

Automatically deploys the SerSOC proxy script to your Cloudflare account and updates the proxy URL above.

Cloudflare Account ID

Workers API Token (needs Workers Scripts:Edit)

Worker Name (becomes part of the URL)

Manual Override

Enter alert counts directly. The overview updates instantly — no proxy required.

SentinelOne

Critical

High

Medium

Low

Adlumin

Critical

High

Medium

Low

Reset Dashboard

Clears all loaded alert data, manual overrides, and stops the auto-refresh timer. Your saved API credentials are not affected.

This will clear all alert data currently shown in the dashboard. Your API tokens and URL will remain saved in the fields.

SerSOC Dashboard