You will use these queries within the Neo4j query dashboard and not from the Bloodhound interface. There are so many different ways to examine the data. The queries below are designed to help myself and others find unique things in the gathered Bloodhound data and make it useful.
MATCH (u:User)
WHERE u.description IS NOT NULL AND u.description <> "" AND u.description <> " "
return u.name, u.description
MATCH (u:User)-[:MemberOf]->(g:Group)-[:ReadLAPSPassword|GenericAll]->(:Computer)
RETURN DISTINCT u
MATCH (u:Group)
WHERE u.description IS NOT NULL AND u.description <> "" AND u.description <> " "
return u.name, u.description
MATCH (u:Computer)
WHERE u.description IS NOT NULL AND u.description <> "" AND u.description <> " "
return u.name, u.description
MATCH p=(u)-[r1:MemberOf*1..]->(g:Group)-[r2]->(n) WHERE r2.isacl=true
WITH u.name as name, LABELS(u)[1] as type, u.highvalue as highly_privileged,
COUNT(DISTINCT(n)) as controlled
WHERE name IS NOT NULL
AND type <> "Base"
RETURN type, name, highly_privileged, controlled
ORDER BY controlled DESC
LIMIT 100
Returns Top 100 objects with the most outbound ACLs and the groups that provide that privilege by count
Note: If you are only concered with User accounts, you will change the first line to: MATCH p=(u:User)-[r1:MemberOf*1..]->(g:Group)-[r2]->(n)
MATCH p=(u)-[r1:MemberOf*1..]->(g:Group)-[r2]->(n)
WHERE r2.isacl=true
WITH u.name as name, LABELS(u)[1] as type, g.name as group_name, COUNT(DISTINCT(n)) as group_controlled
WHERE name IS NOT NULL AND type <> "Base"
WITH name, type, COLLECT({group: group_name, count: group_controlled}) as groups, SUM(group_controlled) as controlled
RETURN type, name, groups, controlled
ORDER BY controlled DESC
LIMIT 100