4
votes

I am a Neo4J newbie and I have a simple CSV with source and dest IPs. I'd like to create a relationship between nodes with the same labels.

Something like ... source_ip >> ALERTS >> dest_ip, or the reverse.

"dest_ip","source_ip" 
"130.102.82.16","54.231.19.32" 
"130.102.82.116","114.30.64.11" 
"130.102.82.116","114.30.64.11" 
...

LOAD CSV WITH HEADERS 
FROM "file:///Users/me/Desktop/query_result.csv" AS csvLine  
CREATE (alert:Alert { source_ip: csvLine.source_ip, dest_ip: csvLine.dest_ip})

MATCH (n:Alert) RETURN n LIMIT 25

dest_ip 130.102.82.16 source_ip 54.231.19.32

....

This works fine. My question is how I create the relationship between the labels inside the alerts? I've tried and failed a slew of times. I'm guessing I need to set up separate Nodes for Source and Dest and then link them, just unsure how.

Thanks in advance!

Peace, Tom

2

2 Answers

6
votes

First create a constraint like this, to guarantee uniqueness and speed up the MERGE operation.

CREATE CONSTRAINT ON (a:Alert) ASSERT a.ip IS UNIQUE;

You can use as many CREATE statements as you want, and then MERGE the relationship, like this:

LOAD CSV WITH HEADERS 
FROM "file:///Users/me/Desktop/query_result.csv" AS csvLine  
MERGE (node1:Alert { ip: csvLine.source_ip })
MERGE (node2:Alert { ip: csvLine.dest_ip })
MERGE (node1)-[r:ALERT]->(node2)

By the by, I'd recommend using MERGE in most places to make sure you don't end up creating duplicates. In this file, a certain IP address might be listed many times, you don't want a new node each time it's created, you probably want all references under that one IP address, hence MERGE here instead of CREATE

2
votes

Assuming that your graph model is something like

(:source)-[:ALERT]->(:Destination)

The following Cypher query will create that relationship

LOAD CSV WITH HEADERS FROM "file:///Users/me/Desktop/query_result.csv" AS csvLine 
CREATE (source:Source { ip: csvLine.source_ip })-[:ALERTS]->(dest:Destination { ip: csvLine.dest_ip})