The Portable Inventory Data format was invented by Langner as an easy way to share asset inventory data between applications. Simply put, Portable Inventory Data is a set of inventory data represented in JSON (JavaScript Object Notation). JSON has become the most widely adopted data format for sharing complex data and is supported by modern enterprise applications, including service management software, configuration management database systems (CMDB), and more.
Portable Inventory Data Envelope
A Portable Inventory Data set is enclosed in an "envelope" that holds the inventory data content plus a metadata prefix. The metadata prefix specifies the software that was used to create data set (example: "OTbase 4.03"), the account that created the data set, and the time of creation.
The metadata prefix has the following format:
"meta":{
"origin":software product and version used to create the data set,
"createdBy":user account that created the data set,
"organization":organization with which that user account is affiliated with,
"createdWhen":date and time of creation
}
Inventory data content can be of the type devices, hardware, software, or combinations thereof.
A complete Portable Inventory Data envelope hence looks like this:
{metadata prefix, content}
Device inventory
A device inventory is expressed as a list of device objects:
"devices":[{deviceObject}, ...]
Device identity and configuration data of individual devices as part of an asset inventory.
{
"data": {
"deviceRef": "unique database reference for the device that never changes",
"deviceId": "unique identifier for the device that can be changed by the user",
"hostedOn": "device identifier of the virtualization host if known",
"name": "device name (e.g. DNS name)",
"description": "Description for the device",
"documentation": "",
"installationDate": "installation date",
"manufactureDate": "",
"warranty": "",
"stage": "lifecycle stage",
"lifecycle": "product lifecycle stage",
"serialNumber": "serial number",
"last_seen": "timestamp when the asset was last seen by OTbase Discovery",
"zone": "network zone",
"safety": "safety certification",
"release": "release version",
"criticality": "criticality rating",
"modified": "timestamp when the asset's configuration was last modified",
"exposure": "network exposure of the asset, if known to OTbase (e.g. \"local\")",
"hardware": {
"vendor": "vendor name",
"model": "model",
"type": "type (PLC, RTU, ...)",
"category": "category (computer, automation device, ...)",
"version": "product version",
"orderNumber": "order number",
"vendorLink": "link to vendor's product page",
"description": "product description",
"endOfLife": "published end-of-life for the product",
"extended": {
"MTBF (years)": ""
}
},
"context": {
"location": "hierarchical location name",
"locationId": "location identifier",
"referenceLocation": "reference location (usually: site name)",
"referenceLocationId": "reference location identifier",
"otSystem": "OT system associated with the device",
"otSystemId": "OT system identifier",
"deviceGroup": "device group assigned to the device",
"processes": [
{
"name": "processes name associated with the device",
"location": "processes location",
"locationId": "processes locationId"
}
]
},
"os_firmware": "firmware version",
"software":[
{
"vendor": "vendor name",
"name": "product name",
"version": "product version",
"description": "description",
"vendorLink": "vendor link (URL for product page)",
"category": "product category",
"type": "product type (OS, Application, Patch, ...)",
"safety": "safety certification",
"endOfSupport": "published end-of-support date",
"lifecycle": "published product lifecycle stage",
"tags":"[list of tags assigned to the software product]",
"installations": "[List of Device IDs indicating where the product" is installed],
"extended":{
"customField1": "value",
"customField2": "value",
"customField3": "value",
...
}
}
],
"tags": [
"list of tags assigned to the device"
],
"connections": [
{
"network": "network name",
"networkId": "network identifier (auto-assigned by OTbase)",
"networkGroup": "network group name",
"medium": "network medium (Copper, Fiber, ...)",
"L2Address": "L2 address",
"L3Address": "L3 address",
"networkAddress": "IP address of the network",
"networkType": "network type (IP, Profibus, ...)",
"port": "port number",
"vlan": "VLAN ID",
"counterpart": "counterpart device identifier",
"remotePort": "remote port number",
"remoteDesc": "remote device description",
"ifName": "interface name",
"ifStatus": "interface status",
"ifDHCP": "DHCP status",
"speed": "interface speed",
"duplex": "duplex mode",
"networkLocation": "location name where the network resides",
"networkLocationId": "location ID where the network resides"
}
],
"extended": {
"customField1": "value",
"customField2": "value",
"customField3": "value",
},
"last_seen_by": "name of the OTbase Discovery node that last saw the asset",
"monitors": [
{
"monitor_name": "name of an OTbase Discovery node that monitors the asset",
"last_scan": "timestamp of the last probe from this OTbase Discovery node",
"last_version": "version of the OTbase Discovery node",
"last_result": "last probing result",
"last_seen": "timestamp for this OTbase Discovery node when the asset was last seen"
}
],
"last_patch_date": "date when the last patch was applied",
"days_since_last_patch": "number of days since the last patch"
},
"info": {
"user": "user account performed the request",
"origin": "OTbase Inventory 8.02"
}
}
Constructing Profile URLs
To provide direct access to device or network profiles within OTbase Inventory, a specific URL can be constructed using the device or network reference number. This facilitates easy linkage and access within web applications or documentation.
To construct a profile URL:
- Use the base format:
https://<ip|host>/ot-base/profile.phtml?reference=[D.|NW.]<num>
- Replace
<ip|host>
with the IP address or hostname of the machine where OTbase Inventory is running. - Replace
<num>
with the specific numeral device reference.
Example: If you need to link to a device listed as "Field PG" in OTbase Inventory running on localhost
, and the device reference number is 632, the URL would be: https://localhost/ot-base/profile.phtml?reference=D.632
Hardware product inventory
A hardware product catalog contains a list of hardware product objects:
"hardware":[{hardwareObject}, ...]
A hardware product object documents metadata for hardware products.
{
"vendor": vendor name,
"model": model,
"version": version,
"type": type (PLC, RTU, Actuator, ...),
"safety": safety certification,
"orderNumber": order number,
"description": product description,
"vendorLink": vendor link (URL for product page),
"endOfLife": published end-of-life,
"lifecycle": published lifecycle stage,
"tags":[list of tags assigned to the hardware product],
"installations": [List of Device IDs indicating where the product is installed],
"extended":{
customField1: value,
customField2: value,
customField3: value,
...
}
}
Software product inventory
A software product catalog contains a list of software product objects:
"software":[{softwareObject}, ...]
A software product object documents metadata for software products.
{
"vendor": vendor name,
"name": product name,
"version": product version,
"description": description,
"vendorLink": vendor link (URL for product page),
"category": product category,
"type": product type (OS, Application, Patch, ...),
"safety": safety certification,
"endOfSupport": published end-of-support date,
"lifecycle": published product lifecycle stage,
"tags":[list of tags assigned to the software product],
"installations": [List of Device IDs indicating where the product is installed],
"extended":{
customField1: value,
customField2: value,
customField3: value,
...
}
}
Vulnerabilities repository
The vulnerabilities repository contains a list of all published vulnerabilities that affect the installed base:
"vulnerabilities":[{vulnObject}, ...]
A vulnerability object contains information about a vulnerability that affects the installed base.
{
"cveId": CVE identifier (e.g. CVE-2020-517),
"baseScore": CVSS base score,
"severity": CVSS severity (as assigned by MITRE),
"priority": priority (as assigned by the user),
"datePublished": publication date,
"vector": CVSS vector,
"description": vulnerability description,
"devices": [List of device IDs for affected devices]
}
Location repository
A location repository contains a list of geo-locations:
"locations":[{locationObject}, ...]
A location object contains information about a geo-location:
{
"locationId": location ID,
"name": hierarchical location name,
"referenceLocation": indicates if this is a reference location (Yes | No),
"description": description,
"address": street address,
"gps": GPS coordinates,
"company": company name,
"extended":{
customField1: value,
customField2: value,
customField3: value,
...
}
}
There is no need for a list of devices associated with a location as such a list can be obtained by querying the device inventory with a location
or locationid
filter.
System repository
A system repository contains a list of OT systems. An OT system can be a Distributed Control System, or a machine / production line in discrete manufacturing.
"systems":[{OTsystemObject}, ...]
An OT system object contains information about an OT system:
{
"systemId": system identifier,
"name": system name,
"description": description,
"locationId": process location identifier,
"location": process location name,
"extended":{
customField1: value,
customField2: value,
customField3: value,
...
}
}
There is no need for a list of devices associated with a system as such a list can be obtained by querying the device inventory with an otsystemid
filter.
Video
The rationale and use cases for Portable Inventory Data are explained in this video:
Comments
0 comments
Please sign in to leave a comment.