GraphGist: Network Dependency Graph

by Kenny Bastani

Use Case(s)

This interactive Neo4j tutorial covers a scenario in Network and Data Center Management for ACME. ACME is a fictional company with a large network infrastructure that includes a CRM application, ERP application, and a Data Warehousing solution. ACME has a series of public facing websites that they need to be up and running in order to conduct their business and support their customers.


Table of Contents


ACME’s Network Dependency Graph

Database Setup

Below you will find the full Cypher script for creating ACME’s Network Dependency Graph in Neo4j. This simple script is the full setup of the data set that we will later perform analysis on.

// Create CRM
CREATE (crm1:Application {
			ip:'10.10.32.1',
			host:'CRM-APPLICATION',
			type: 'APPLICATION',
			system: 'CRM'
		})

// Create ERP
CREATE (erp1:Application {
			ip:'10.10.33.1',
			host:'ERP-APPLICATION',
			type: 'APPLICATION',
			system: 'ERP'
		})

// Create Data Warehouse
CREATE (datawarehouse1:Application {
			ip:'10.10.34.1',
			host:'DATA-WAREHOUSE',
			type: 'DATABASE',
			system: 'DW'
		})

// Create Public Website 1
CREATE (Internet1:Internet {
			ip:'10.10.35.1',
			host:'global.acme.com',
			type: "APPLICATION",
			system: "INTERNET"
		})

// Create Public Website 2
CREATE (Internet2:Internet {
			ip:'10.10.35.2',
			host:'support.acme.com',
			type: "APPLICATION",
			system: "INTERNET"
		})

// Create Public Website 3
CREATE (Internet3:Internet {
			ip:'10.10.35.3',
			host:'shop.acme.com',
			type: "APPLICATION",
			system: "INTERNET"
		})

// Create Public Website 4
CREATE (Internet4:Internet {
			ip:'10.10.35.4',
			host:'training.acme.com',
			type: "APPLICATION",
			system: "INTERNET"
		})

// Create Public Website 5
CREATE (Internet5:Internet {
			ip:'10.10.35.1',
			host:'partners.acme.com',
			type: "APPLICATION",
			system: "INTERNET"
		})

// Create Internal Website 1
CREATE (Intranet1:Intranet {
			ip:'10.10.35.2',
			host:'events.acme.net',
			type: "APPLICATION",
			system: "INTRANET"
		})

// Create Internal Website 2
CREATE (Intranet2:Intranet {
			ip:'10.10.35.3',
			host:'intranet.acme.net',
			type: "APPLICATION",
			system: "INTRANET"
		})

// Create Internal Website 3
CREATE (Intranet3:Intranet {
			ip:'10.10.35.4',
			host:'humanresources.acme.net',
			type: "APPLICATION",
			system: "INTRANET"
		})

// Create Webserver VM 1
CREATE (webservervm1:VirtualMachine {
			ip:'10.10.35.5',
			host:'WEBSERVER-1',
			type: "WEB SERVER",
			system: "VIRTUAL MACHINE"
		})

// Create Webserver VM 2
CREATE (webservervm2:VirtualMachine {
			ip:'10.10.35.6',
			host:'WEBSERVER-2',
			type: "WEB SERVER",
			system: "VIRTUAL MACHINE"
		})

// Create Database VM 1
CREATE (customerdatabase1:VirtualMachine {
			ip:'10.10.35.7',
			host:'CUSTOMER-DB-1',
			type: "DATABASE SERVER",
			system: "VIRTUAL MACHINE"
		})

// Create Database VM 2
CREATE (customerdatabase2:VirtualMachine {
			ip:'10.10.35.8',
			host:'CUSTOMER-DB-2',
			type: "DATABASE SERVER",
			system: "VIRTUAL MACHINE"
		})

// Create Database VM 3
CREATE (databasevm3:VirtualMachine {
			ip:'10.10.35.9',
			host:'ERP-DB',
			type: "DATABASE SERVER",
			system: "VIRTUAL MACHINE"
		})

// Create Database VM 4
CREATE (dwdatabase:VirtualMachine {
			ip:'10.10.35.10',
			host:'DW-DATABASE',
			type: "DATABASE SERVER",
			system: "VIRTUAL MACHINE"
		})

// Create Hardware 1
CREATE (hardware1:Hardware {
			ip:'10.10.35.11',
			host:'HARDWARE-SERVER-1',
			type: "HARDWARE SERVER",
			system: "PHYSICAL INFRASTRUCTURE"
		})

// Create Hardware 2
CREATE (hardware2:Hardware {
			ip:'10.10.35.12',
			host:'HARDWARE-SERVER-2',
			type: "HARDWARE SERVER",
			system: "PHYSICAL INFRASTRUCTURE"
		})

// Create Hardware 3
CREATE (hardware3:Hardware {
			ip:'10.10.35.13',
			host:'HARDWARE-SERVER-3',
			type: "HARDWARE SERVER",
			system: "PHYSICAL INFRASTRUCTURE"
		})

// Create SAN 1
CREATE (san1:Hardware {
			ip:'10.10.35.14',
			host:'SAN',
			type: "STORAGE AREA NETWORK",
			system: "PHYSICAL INFRASTRUCTURE"
		})

// Connect CRM to Database VM 1
CREATE (crm1)-[:DEPENDS_ON]->(customerdatabase1)

// Connect Public Websites 1-3 to Database VM 1
CREATE 	(Internet1)-[:DEPENDS_ON]->(customerdatabase1),
	   	(Internet2)-[:DEPENDS_ON]->(customerdatabase1),
	   	(Internet3)-[:DEPENDS_ON]->(customerdatabase1)

// Connect Database VM 1 to Hardware 1
CREATE 	(customerdatabase1)-[:DEPENDS_ON]->(hardware1)

// Connect Hardware 1 to SAN 1
CREATE 	(hardware1)-[:DEPENDS_ON]->(san1)

// Connect Public Websites 1-3 to Webserver VM 1
CREATE 	(webservervm1)<-[:DEPENDS_ON]-(Internet1),
		(webservervm1)<-[:DEPENDS_ON]-(Internet2),
		(webservervm1)<-[:DEPENDS_ON]-(Internet3)

// Connect Internal Websites 1-3 to Webserver VM 1
CREATE 	(webservervm1)<-[:DEPENDS_ON]-(Intranet1),
		(webservervm1)<-[:DEPENDS_ON]-(Intranet2),
		(webservervm1)<-[:DEPENDS_ON]-(Intranet3)

// Connect Webserver VM 1 to Hardware 2
CREATE 	(webservervm1)-[:DEPENDS_ON]->(hardware2)

// Connect Hardware 2 to SAN 1
CREATE 	(hardware2)-[:DEPENDS_ON]->(san1)

// Connect Webserver VM 2 to Hardware 2
CREATE 	(webservervm2)-[:DEPENDS_ON]->(hardware2)

// Connect Public Websites 4-6 to Webserver VM 2
CREATE 	(webservervm2)<-[:DEPENDS_ON]-(Internet4),
		(webservervm2)<-[:DEPENDS_ON]-(Internet5)

// Connect Database VM 2 to Hardware 2
CREATE 	(hardware2)<-[:DEPENDS_ON]-(customerdatabase2)

// Connect Public Websites 4-5 to Database VM 2
CREATE 	(Internet4)-[:DEPENDS_ON]->(customerdatabase2),
	   	(Internet5)-[:DEPENDS_ON]->(customerdatabase2)

// Connect Hardware 3 to SAN 1
CREATE 	(hardware3)-[:DEPENDS_ON]->(san1)

// Connect Database VM 3 to Hardware 3
CREATE 	(hardware3)<-[:DEPENDS_ON]-(databasevm3)

// Connect ERP 1 to Database VM 3
CREATE 	(erp1)-[:DEPENDS_ON]->(databasevm3)

// Connect Database VM 4 to Hardware 3
CREATE 	(hardware3)<-[:DEPENDS_ON]-(dwdatabase)

// Connect Data Warehouse 1 to Database VM 4
CREATE 	(datawarehouse1)-[:DEPENDS_ON]->(dwdatabase)

RETURN *

Interactive Graph Visualization

Loading graph...

ACME’s Network Inventory

The query below generates a data table that gives a quick overview of ACME’s network infrastructure.

MATCH 	(n)
RETURN 	labels(n)[0] as type,
		count(*) as count,
		collect(n.host) as names
Loading table...

Find direct dependencies of all public websites

The query below queries the data model to find all business web applications that are on the public facing internet for ACME.

MATCH 		(website)-[:DEPENDS_ON]->(downstream)
WHERE		website.system = "INTERNET"
RETURN 		website.host as Host,
			collect(downstream.host) as Dependencies
ORDER BY 	Host
Loading table...

Find direct dependencies of all internal websites

The query below queries the data model to find all business websites that are on the private intranet for ACME.

MATCH 		(website)-[:DEPENDS_ON]->(downstream)
WHERE		website.system = "INTRANET"
RETURN 		website.host as Host,
			collect(downstream.host) as Dependencies
ORDER BY 	Host
Loading table...

Find the most depended-upon component

The query below finds the most heavily relied upon component within ACME’s network infrastructure. As expected, the most depended upon component is the SAN (Storage Area Network).

MATCH 		(n)<-[:DEPENDS_ON*]-(dependent)
RETURN 		n.host as Host,
			count(DISTINCT dependent) AS Dependents
ORDER BY 	Dependents DESC
LIMIT 		1
Loading table...

Find dependency chain for business critical components: CRM

The query below finds the path of dependent components from left to right for ACME’s CRM application. If ACME’s CRM (Customer Relationship Management) application goes down it will cause significant impacts to its business. If any one of the components to the right of the CRM hostname fails, the CRM application will fail.

MATCH 		(dependency)<-[:DEPENDS_ON*]-(dependent)
WITH 		dependency, count(DISTINCT dependent) AS Dependents
ORDER BY 	Dependents DESC
LIMIT		1
WITH		dependency
MATCH 		p=(resource)-[:DEPENDS_ON*]->(dependency)
WHERE		resource.system = "CRM"
RETURN		"[" + head(nodes(p)).host + "]" +
			reduce(s = "", n in tail(nodes(p)) | s + " -> " + "[" + n.host + "]") as Chain
Loading table...

Find dependency chain for business critical components: ERP

The query below finds the path of dependent components from left to right for ACME’s ERP (Enterprise Resource Planning) application. The ERP application represents an array of business resources dedicated to supporting ongoing business activities at ACME, including finance and supply chain management. If ACME’s ERP application goes down it will cause significant impacts to its business. If any one of the components to the right of the ERP hostname fails, then the ERP application will fail. This failure will cause revenue impacts since ACME’s business relies on this system to conduct business.

MATCH 		(dependency)<-[:DEPENDS_ON*]-(dependent)
WITH 		dependency, count(DISTINCT dependent) AS Dependents
ORDER BY 	Dependents DESC
LIMIT		1
WITH		dependency
MATCH 		p=(resource)-[:DEPENDS_ON*]->(dependency)
WHERE		resource.system = "ERP"
RETURN		"[" + head(nodes(p)).host + "]" +
			reduce(s = "", n in tail(nodes(p)) | s + " -> " + "[" + n.host + "]") as Chain
Loading table...

Find dependency chain for business critical components: Data Warehouse

The query below finds the path of dependent components from left to right for ACME’s DW (Data Warehouse) application. The DW application represents an array of business intelligence resources dedicated to supporting time-sensitive analytical processes at ACME. If ACME’s DW application goes down it will cause significant impacts to the business operations at ACME on the technical side. If any one of the components to the right of the DW hostname fails, then the DW application will fail. This failure will cause public facing websites like the eCommerce application to not reflect the latest available data from ACME’s ERP application.

MATCH 		(dependency)<-[:DEPENDS_ON*]-(dependent)
WITH 		dependency, count(DISTINCT dependent) AS Dependents
ORDER BY 	Dependents DESC
LIMIT		1
WITH		dependency
MATCH 		p=(resource)-[:DEPENDS_ON*]->(dependency)
WHERE		resource.system = "DW"
RETURN		"[" + head(nodes(p)).host + "]" +
			reduce(s = "", n in tail(nodes(p)) | s + " -> " + "[" + n.host + "]") as Chain
Loading table...

Find the impact of the removal of a network component : Hardware Server

The query below finds the applications depending on ACME’s HARDWARE-SERVER-3. In case a network administrator wants to plan an intervention on the server, he has to know what will be the applications impacted. This way he can warn the applications users.

MATCH (application:Application)-[:DEPENDS_ON*]->(server)
WHERE       server.host = "HARDWARE-SERVER-3"
RETURN  application.type as Type,
        application.host as Host
Loading table...
Run
Table
Graph
Table!
Graph!
Error!
Loading