Neo4j Cypher query for simple IP->FQDN bind dataset -

Neo4j Cypher query for simple IP->FQDN bind dataset -

i have next incredible simple data-set, contains ip->fqdn bind events timestamps.

i have added info neo4j graph.

i have been trying day write query returns "the ips bound fqdn1 @ timestamp 7"

i expect result ip2 because bound fqdn1 @ time 1 , never bound else before timestamp 7. not expect ip1 in result set bound fqdn2 @ time 2 , hence not bound fqdn1 @ time 7.

i getting , expect because have not yet made mental jump cypher way of thinking.

can please help me this?

edit: timestamp stored property of bound_to relationships.

having guess timestamp stored think want this:

match (f:fqdn{name:"fqdn1"})<-[:bound_to{timestamp:2}]-(ip:ip) homecoming ip

edit - in case want ranges

match (f:fqdn{name:"fqdn1"})<-[bound:bound_to]-(ip:ip) bound.timestamp >= 1 , bound.timestamp < 5 homecoming ip order bound.timestamp asc

edit - after question updated

i don't think idea, , @ how model adjusted store timeseries info in more graph way, (relatively untested):

match (f:fqdn { name:"fqdn1" })<-[b:bound_to]-(ip:ip) b.timestamp <= 2 f, b, ip match (other:fqdn)<-[ob:bound_to]-(ip) other <> f , ob.timestamp < b.timestamp , ob.timestamp <= 2 homecoming f, b, ip

the above won't quite work, need utilize results filter:

match (f:fqdn { name:"fqdn1" })<-[b:bound_to]-(ip:ip) b.timestamp <= 3 optional match (other:fqdn)<-[ob:bound_to]-(ip) other <> f , ob.timestamp > b.timestamp , ob.timestamp <= 3 ip, b, collect(ob) bindings length(bindings)= 0 homecoming ip

aside - depending on utilize case

you might want store active bound ips direct relationship fqdns, , add together (manually managed) list of historical bindings behind single bound ip. because faster traverse list query timestamps / order timestamps.

neo4j cypher