Cartography Installation

Time to set up the server that will run Cartography. Cartography should work on both Linux and Windows servers, but bear in mind we’ve only tested it on Linux so far. Cartography supports Python 3.8. Older versions of Python may work but are not explicitly supported.

  1. Get and install the Neo4j graph database on your server.

    1. Neo4j requires a JVM (JDK/JRE 11 or higher) to be installed. One option is to install Amazon Corretto 11.

      ⚠️ Make sure you have the `JAVA_HOME` environment variable set. The following works on macOS: `export JAVA_HOME=$(/usr/libexec/java_home)`
      
    2. Go to the Neo4j download page, and download Neo4j Community Edition 4.4.*.

      ⚠️ Please read the "Get and run Cartography" instructions below carefully about Neo4j 4.x support. ⚠️
      
    3. Install Neo4j on the server you will run Cartography on.

      ⚠️ For local testing, you might want to turn off authentication by setting the property `dbms.security.auth_enabled` to `false` in the file `/NEO4J_PATH/conf/neo4j.conf`
      
  2. Configure your data sources. See the configuration section of each relevant intel module for more details.

  3. Get and run Cartography

    1. Run `pip install cartography` to install our code.

    2. Set up Neo4j 4.x support: set the environment variable to true with `export EXPERIMENTAL_NEO4J_4X_SUPPORT=True`

      ⚠️ This is a temporary fix that is necessary for cartography to support the new query syntax of Neo4j 4.x. A more permanent solution is in progress. ⚠️
      
    3. Finally, to sync your data:

      • For one account using the default profile defined in your AWS config file, run

        cartography --neo4j-uri <uri for your neo4j instance; usually bolt://localhost:7687>
        
      • Or for a specific account defined as a separate profile in your AWS config file, set the AWS_PROFILE environment variable, for example

        AWS_PROFILE=other-profile cartography --neo4j-uri <uri for your neo4j instance; usually bolt://localhost:7687>
        
      • For more than one AWS account, run

        AWS_CONFIG_FILE=/path/to/your/aws/config cartography --neo4j-uri <uri for your neo4j instance; usually bolt://localhost:7687> --aws-sync-all-profiles
        

        You can view a full list of Cartography’s CLI arguments by running `cartography --help`

        The sync will pull data from your configured accounts and ingest it into Neo4j! This process might take a long time if your account has a lot of assets.

    4. See our Operations Guide for tips on running Cartography in production.
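
A preflight check for the steps above, as an added example that is not part of Cartography or its documentation: it confirms the environment variables from steps 1.1 and 3.2 and fails if `neo4j.conf` has authentication turned off while Neo4j listens on anything other than loopback. The function names and the sample config are constructed; `dbms.default_listen_address` and `dbms.connector.bolt.listen_address` are standard Neo4j 4.x settings that this page does not mention.

```shell
#!/bin/sh
# Added example: preflight checks for the install steps above.
# Function names and the sample config below are constructed for illustration.

# Print the last uncommented value assigned to KEY ($2) in a neo4j.conf-style file ($1).
conf_get() {
    awk -F= -v key="$2" '
        /^[[:space:]]*#/ { next }
        { k = $1; gsub(/[[:space:]]/, "", k) }
        k == key { v = $2; gsub(/[[:space:]]/, "", v); found = v }
        END { print found }' "$1"
}

# Return 0 when the config is acceptable, 1 when authentication is disabled
# while Neo4j listens on a non-loopback address.
check_neo4j_auth() {
    auth=$(conf_get "$1" dbms.security.auth_enabled)
    listen=$(conf_get "$1" dbms.default_listen_address)
    bolt=$(conf_get "$1" dbms.connector.bolt.listen_address)
    case "$bolt" in
        ?*:*) listen=${bolt%:*} ;;   # a host on the bolt connector overrides the default
    esac
    # Neo4j defaults when a key is absent: authentication on, listen address localhost.
    [ "${auth:-true}" = "false" ] || return 0
    case "${listen:-localhost}" in
        localhost|127.0.0.1|::1|"[::1]")
            echo "note: auth disabled, loopback only (local testing)"; return 0 ;;
        *)  echo "FAIL: auth disabled and listening on $listen" >&2; return 1 ;;
    esac
}

# Return 0 when the environment from steps 1.1 and 3.2 is in place.
check_env() {
    [ -n "${JAVA_HOME:-}" ] || { echo "FAIL: JAVA_HOME is not set" >&2; return 1; }
    # Compared against the exact value given in step 3.2.
    [ "${EXPERIMENTAL_NEO4J_4X_SUPPORT:-}" = "True" ] ||
        { echo "FAIL: EXPERIMENTAL_NEO4J_4X_SUPPORT is not True" >&2; return 1; }
}

# Constructed sample config: auth off and reachable from the network.
demo=$(mktemp)
printf '%s\n' '#dbms.security.auth_enabled=true' \
    'dbms.security.auth_enabled=false' \
    'dbms.default_listen_address=0.0.0.0' > "$demo"
check_neo4j_auth "$demo" || echo "fix neo4j.conf before running the sync"
rm -f "$demo"
```

Against a real install, call `check_env && check_neo4j_auth /NEO4J_PATH/conf/neo4j.conf` before starting the sync.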