In order to use the OT-BASE Connector for Power BI, click on Get Data. In the search field, enter "ot-base" and hit Enter.
Configure request parameters
In the following dialog, enter the parameters for your query:
For Connection Protocol, you have a choice between HTTP and HTTPS. Note that HTTPS will only work if you installed a certificate on your Windows machine that allows Windows to validate the SSL certificate of OT-BASE Asset Center.
Specify the IP address or hostname of your OT-BASE Asset Center.
If you want to do vulnerability analysis, here you can specify which CVE priorities you want to load (Critical, High, Medium, Low) in the interest of reducing load time. Most users don't care about Low and Medium priority vulnerabilities. It's a bad idea though to exclude High priority CVEs as in OT, systems are often plagued with pretty old vulnerabilities that go back to a time when the Critical rating didn't yet exist. Therefore you can find lots of vulnerabilities with base scores of 10 that are rated as "High".
You can limit the scope of your data to a specific location in the interest of minimizing load time. When you only want to analyse or visualize data of a particular site, for example, it pays to specify the location ID for that site.
Enter access credentials
In the next dialog you will be prompted to provide access credentials for Asset Center.
Note that depending on the account you are using, you may or may not be able to see the full asset information that's stored in OT-BASE.
Select data tables
In the next dialog you can select the data tables you want to import.
The Devices table contains data about individual devices, similar to what you see in the device inventory in Asset Center.
The Hardware table contains data about hardware products. Several data items from this table are already contained in the Devices table, so you may only need this table for specific analyses.
The Software table contains data about software and firmware products. If you want to visualize operating system distribution, for example, you need to load this table because the device table does not contain any software information.
The Vulnerabilities table contains data about cyber vulnerabilities and their characteristics. If you are not interested in visualizing / analyzing those for the dashbord at hand you may want to de-select this table as it will usually incur significant load time -- often many minutes, as many hundred thousand vulnerabilities are not an exception for OT environments.
Build relationships between tables
Anytime you want to do more complex analytics with your OT asset data you need to establish relationships between the different tables. This way you can see, for example, which vulnerabilities plague a given device, or which software is installed on it.
On the relationship page:
- Link the ID field of the Devices table with the Devices field of the Vulnerabilities table.
- Link the ID field of the Devices table with the Installations field of the Software table.
- Link the ID field of the Devices table with the installations field of the Hardware table.
- Set all relationships to Cross filter: Both.
Getting started with your dashboard
The simplest way to get started with your dashboard is to check if all the device data was loaded correctly by putting it in a table. All you need to do for this is to select the table widget and then, from the Devices table, select the fields that you want to show in that table.
As a next step you may want to bring in a histogram that visualizes the number of different device types. In order to do this, click on the bar chart symbol, then select the Type field from the Devices table, and also drag and drop the Type field into the Y axis field of the bar chart. This will result in something like this:
Now, if you select any of the device types in the histogram, the device table below will only show entries of this type.