-
-
Notifications
You must be signed in to change notification settings - Fork 322
Neo4j queries for loading BruteShark network map file
Oded Shimon edited this page Dec 2, 2020
·
3 revisions
Basically, BruteShark network map JSON file contains the connections definitions of the network.
In order to produce a network map that contains endpoints and connections, we need to perform a number of simple queries:
CALL apoc.load.json("YOUR-FILE-PATH")
YIELD value
MERGE (n:Host {host: value.Source})
WITH n, value
UNWIND value AS val
MERGE (c:Host {host: val.Destination})
WITH val
UNWIND val as v
MATCH (src:Host)
MATCH (dest:Host) where v.Source = src.host and v.Destination = dest.host
MERGE (src) - [:Connects] - > (dest)