Setup PowerBI Dashboard for CrowdStrike metrics

Security dashboard usually involves metrics from siloed security tools. This example shows how to provide an overall security posture report for CrowdStrike. Here is a detailed instruction to set everything up leveraging DTonomy's automation platform with extra information on how to set up PowerBI account.

Set up automation

1. Create a table in PowerBI

Select the automation menu, under playbooks, click PowerBICreateTable workflow

Double click Detections Node and add new PowerBI connection.

Name your connection, add PowerBI account name & password, Application Id and select the API base url. Click Add button.

Click Done button and Save changes.

2. Click timestamp to run the workflow, get ID and name of created table

3. Connect CrowdStrike with PowerBI

Select the automation menu, under playbooks, click CrowdStrike-PowerBI.

4. Reset details information, run the workflow

Double click find detections node.

Add new CrowdStrike Server.

Name the CrowdStrike Server;

Url: https://api.crowdstrike.com;

Input CrowdStrike Account ID & password. Click Update button and Done button.

Double click import data node, replace the table name and table ID generated by Create Table Workflow. Click Done button.

Double click datasets operations node, choose the PowerBI connection we created. Click Done button, Save button to save changes.

5. Click timestamp to run the workflow and refresh dataset on PowerBI

6. PowerBI visualization example

Additional Instructions(Azure & PowerBI)

1. Create an Azure Active Directory tenant

1. Click Start Free to register an account in the Azure website.

   Link: https://azure.microsoft.com/en-us/free/search

2. Create a master user to use as your master embedding account. In the home page of the Azure portal, select the Azure Active Directory tab.

   

3. Under Manage, select Users.

4. Under + New user select + Create new user.

5. Provide a Display Name and User name. Leave Directory role as user. Note the password, then select Create.

6. Sign up for Power BI with the user account that you created in step 4. Go to powerbi.com

2. Create a PowerBI Account Automatically (for Regular User)

1. Open the Power BI App Registration Tool

   Link: https://app.powerbi.com/embedsetup

2. Choose an Embedding solution for your customers

3. Following the Embedding setup STEP1-STEP5.

   1. Sign in to Power BI. Click Next.

   2. Register your application. Set up Application Name and Select all API access. Click Register.

   3. Create a workspace. Name your workspace, click Create workspace.

   4. Import content, choose Sample Power BI report, click Import.

   5. Grant permissions. Click Grant permissions.

      Consent on behalf of your organization and click Accept.

      

   6. Power BI embedding environment has been set up. Summary of the application is provided. Details information can also be checked in Azure platform. Application ID will be used in the following steps.

3. Create a PowerBI Account Manually (for Government User)

1. Log into Azure portal

   Link: https://azure.microsoft.com/en-us/get-started/azure-portal

2. Register a new application under Application Registeration

3. Add PowerBI service api permissions to the application

   1. Select "API Permission" from the left panel
   2. Select "Add a Permission"
   3. Select "APIs My Organization uses"
   4. Search and select "PowerBI Serice API"
   5. Click "Add Permissions" button

4. Grant Admin Concent

   1. Click Grant Admin Consent.

5. Now the PowerBI environmrnt has been manually set up. Summary of the application is provided through the overview of the application.

4. CrowdStrike Credential Verification

Base URL: https://api.crowdstrike.com

ID, Secret Code are needed.