Prerequisites
Full OpenGraph support requires a PostgreSQL graph database and one of the following editions:- BloodHound Enterprise (uses PostgreSQL by default)
-
BloodHound Community v8.0.0+ (requires changing to a PostgreSQL database)
While many OpenGraph features may work on a Neo4j database, there are functional and performance limitations (see the OpenGraph FAQ). For full support, migrate to a PostgreSQL database.
Install the Extension
Optional Schemas
If your Jamf environment is connected to other BloodHound-supported data sources in your environment, such as Okta, upload the corresponding schema too, or contact your Enterprise account team. Doing so ensures those cross-platform relationships are modeled correctly in BloodHound.Import Cypher Queries
The Jamf extension includes Cypher queries to help identify attack paths and misconfigurations in Jamf Pro environments. Import the Jamf query JSON files into BloodHound using the query import workflow. You can then run the imported queries on the Explore page.Cypher queries that reference node or edge kinds not present in the database will fail without the extension schema.
Collect and Upload Jamf Data
There are currently two ways to collect Jamf data for this extension:- OpenHound Jamf collector: The SpecterOps-supported collector for Jamf Pro. Use this if you want the current documented and supported collection path.
- JamfHound collector: An alternative collector that can also produce data for the Jamf extension.