Prerequisites
Before you begin, ensure that the following prerequisites are met:| Prerequisite | Description |
|---|---|
| Ensure graph database is PostgreSQL | For best performance, BloodHound requires PostgreSQL as the graph database rather than Neo4j |
| Configure the collector | Configure the OpenHound collector to gather data from your GitHub organization |
Register the Extension
The GitHub extension includes a schema that tells BloodHound how to model and analyze data from your GitHub organization. You must register the extension before you upload data generated by the GitHound collector. On the OpenGraph Management page, upload the GitHub schema file (bhe-githound-extension.json).
Import Cypher Queries
The GitHub collector provides custom Cypher queries to help you identify attack paths and misconfigurations in your GitHub organization. These queries are included in thesaved-queries directory of the GitHound extension.
To use these queries, you must first import the saved-queries/*.json files into BloodHound. You can then run the queries on the Explore page.
Cypher queries that reference node or edge kinds not present in the database will fail without the extension schema (for example:
failed to translate kinds: unable to map kinds: Okta_ApiServiceIntegration). Community Edition users can work around this by removing the unrecognized node and edge kinds from the queries until the extension schema becomes available for BloodHound Community Edition.Next Steps
- Explore the GitHound node types and edge types in the schema reference
- Try the GitHound Cypher queries on the Explore page
- Learn about GitHub attack paths and what to look for
- Use GitHound’s specialized queries to create or update Cypher-based Privilege Zone rules
- Join the
#githoundchannel on the BloodHound Community Slack for questions and discussion