1

I've been trying to run cartography on my EC2 account for the last 2 days. I have no previous knowledge of Neo4j, but following their installation process doesn't work.

First I tried to install Neo4j using the rpm instructions from the Neo4j website, with no success accessing Neo4j on port 7474. Error: Connection refused.

Then I gave up trying to make Neo4j work on an EC2 installation, and used their Marketplace AMI. It works like a charm, but I don't know what is being installed on that AMI. So I decided to install and run cartography on this instance. My first problem was installing python, pip and java correctly. After getting everything working, I discovered the neo4j bolt port used my public IP, not my localhost. After that I was finally able to execute Cartography, but now it's giving me the following error:

neobolt.exceptions.ClientError: Supplied bookmark [FB:kcwQ40omSYgvSzKPpCQTXDOcCBSQ] does not conform to pattern neo4j:bookmark:v1:tx

Has anyone really been able to use this? Every step along the way requires some specific libraries.

Thanks!

  • 1
    On **7474** you only run the web client, which is a standard web app and can be configured to run on other ports if you wish. Your **bolt** port is probably **7687** - this is used by **bolt** **driver** to actually read and write the data in Java, Python or any other environments, but **7474** can be even **8000** if made available - look at https://github.com/neo4j/neo4j-browser - All those ports need to be in your security groups consistent with rules you've defined and ports you made available. – dmitryro Sep 26 '20 at 02:16
  • @dmitryro, I've double-checked SGs, NACLs, everything related to AWS. I even opened all ports. – Cesar Javaroni Oct 01 '20 at 17:44

1 Answer

0

I maintain cartography and hope I can help (wish I saw this earlier though haha)

Few things to check:

  • Are you using Neo4j 4.x? cartography currently only supports 3.5.x.

  • To run for one AWS account,

    AWS_PROFILE=profilename cartography --neo4j-uri <uri for your neo4j instance; usually bolt://localhost:7687>
    
  • To run multiple accounts, set up an AWS config file and run

    AWS_CONFIG_FILE=/path/to/your/aws/config cartography --neo4j-uri <uri for your neo4j instance; usually bolt://localhost:7687> --aws-sync-all-profiles
    

    (see https://github.com/lyft/cartography/blob/master/docs/setup/install.md#cartography-installation)

If you have more questions feel free to open a GitHub issue or start a thread on our Slack (can talk about more specialized setups like if you're using containers or anything like that too)

  • Hey Alex, I wish I saw your response earlier too haha. Man, finally I was able to run cartography using neo4j from Amazon Marketplace, and I was able to provide and run it for my clients as a simple PoC. We were able to actually get the tool operative and map some accounts one by one manually, and used the reports to generate security analysis. I wish I had seen your response earlier too; by 2021 I had already ended my engagement with that project hahahaha – Cesar Javaroni Sep 07 '22 at 17:22
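
A preflight check for the three issues raised in this thread (unsupported Neo4j version, bolt addressed through a public IP, and a refused connection), as an added example that is not part of the original posts or of cartography itself. The function names are hypothetical, and the Neo4j version string is assumed to be supplied by the operator.

```python
import ipaddress
import re
import socket
from urllib.parse import urlparse

# Per the answer above: cartography supported only Neo4j 3.5.x at the time.
SUPPORTED_VERSION = re.compile(r"3\.5\.\d+")


def bolt_target(uri):
    """Split a bolt:// URI into (host, port); 7687 is the usual bolt port."""
    parsed = urlparse(uri)
    if parsed.scheme != "bolt" or not parsed.hostname:
        raise ValueError(f"not a bolt:// URI: {uri!r}")
    return parsed.hostname, parsed.port or 7687


def is_loopback(host):
    """True for localhost or a loopback IP literal; other names count as remote."""
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def port_open(host, port, timeout=2.0):
    """Plain TCP connect; a 'Connection refused' shows up here as False."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def preflight(uri, neo4j_version):
    """Return a list of findings; an empty list means all three checks passed."""
    host, port = bolt_target(uri)
    findings = []
    if not SUPPORTED_VERSION.fullmatch(neo4j_version.strip()):
        findings.append(f"version: Neo4j {neo4j_version} is not 3.5.x")
    if not is_loopback(host):
        findings.append(f"exposure: bolt is addressed via {host}, not loopback")
    if not port_open(host, port):
        findings.append(f"connect: nothing accepting TCP on {host}:{port}")
    return findings
```

An "exposure" finding means the graph database is reachable beyond the instance itself, so the security group for the bolt port should be limited to the hosts that run cartography.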