A device may obtain a set of communication messages, wherein the set of communication messages is associated with communications between a plurality of operational technology (OT) devices across a plurality of OT control layers of an OT environment. The device may determine whether each communication message, of the set of communication messages, is a request message or a response message and thereby determine whether at least one communication message has a communication message match. The device may generate, based on determining whether the at least one communication message has a communication match, one or more communication entries, wherein a communication entry, of the one or more communication entries, includes message header information of a request message of the set of communication messages. The device may cause, based on the one or more communication entries, one or more actions to be performed.