Usage
CLI overview
racfhound <command> [options]
| Command | Description |
|---|---|
export |
Parse an IRRDBU00 unload and upload to BloodHound |
collect |
Retrieve an IRRDBU00 unload from a mainframe via SSH/FTP |
query |
Run a saved Cypher query against BloodHound |
export
Parse a local IRRDBU00 unload and push the graph to BloodHound.
racfhound export \
--unload /path/to/irrdbu00.dat \
--url https://your-bloodhound-host \
--token YOUR_API_TOKEN
| Option | Description |
|---|---|
--unload |
Path to the IRRDBU00 unload file |
--url |
BloodHound base URL |
--token |
BloodHound API token (or set RACFHOUND_TOKEN) |
--dry-run |
Build the graph but do not upload |
--output |
Write the OpenGraph JSON to a file instead of uploading |
collect
Retrieve an IRRDBU00 unload from a mainframe.
racfhound collect \
--host mvshost.example.com \
--user SYSADM \
--jcl collect/irrdbu00.jcl \
--out /tmp/irrdbu00.dat
query
Run one of the bundled saved queries.
racfhound query list
racfhound query run apf-write-paths \
--url https://your-bloodhound-host \
--token YOUR_API_TOKEN
Python API
mfpandas-racfhound can be used directly without the CLI:
from mfpandas import IRRDBU00
from mfpandas_racfhound import to_bloodhound
racf = IRRDBU00("/path/to/irrdbu00.dat")
graph = to_bloodhound(racf)
# graph is a dict in BloodHound OpenGraph format