Techniques to generate relationship graphs utilizing data in an enterprise system environment

What is claimed is: 1 . A system to generate graphs of associates and events based on digital footprints of the associates, comprising: a data store comprising data, the data comprising the associates and the events performed by the associates; one or more processors coupled with the data store; and memory comprising instructions that, when executed by the one or more processors, cause the one or more processors to: retrieve the data from the data store; generate, with the data, a graph comprising associate nodes and event nodes, wherein the associate nodes connect with the event nodes via edges; generate a grouping of associate nodes comprising two or more of the associate nodes, each associate node in the grouping of associate nodes comprising a number of edges to the event nodes in common with each other above a threshold value; determine an associate node of the grouping of associate nodes having an edge with an event node, wherein the event node having a second number of edges with other associate nodes of the grouping of associate nodes below an edge threshold value; and generate an indication identifying the associate node. 2 . The system of claim 1 , wherein the instructions to generate the graph cause the one or more processors to generate edges between the associate nodes having at least one event node in common. 3 . The system of claim 1 , wherein the instructions to generate the graph cause the one or more processors to generate, for each associate node, an edge between a particular associate node and a particular event node when an associate of the particular associate node performs an event of the particular event node. 4 . The system of claim 1 , wherein each associate node represents an associate identified by an associate identifier, and each event node represents an event identified by an event identifier. 5 . The system of claim 4 , wherein each associate has access to at least one system hosted by a first-party organization and a third-party organization, and each event comprises an interaction with the at least one system hosted by the first-party organization or by the third-party organization. 6 . The system of claim 1 , comprising one or more networking interfaces, wherein the one or more networking interfaces couple with one or more systems hosted by a first-party organization or a third-party organization, wherein the instructions cause the one or more processors to collect the data from the one or more systems, wherein the one or more systems comprising an access system, a network system, an electronic mail system, a print system, a chat system, an application system, or a combination thereof. 7 . The system of claim 1 , comprising a display device, wherein the instructions cause the one or more processors to present the graph on the display device. 8 . The system of claim 7 , wherein the instructions cause the one or more processors to present the indication identifying the associate node in the graph on the display device. 9 . The system of claim 1 , wherein the instructions cause the one or more processors to send the indication to a device as an alert to display on a display device of the device. 10 . The system of claim 1 , wherein the instructions cause the one or more processors to group each of the associate nodes into one of a plurality of buckets based on a number of times an associate of a particular associate node performed an event associated with another event node. 11 . The system of claim 10 , wherein the instructions cause the one or more processors to: determine one of the plurality of buckets includes a number of associate nodes below a threshold value; and send a second indication to indicate that one of the plurality of groupings includes the number of associate nodes below the threshold value. 12 . The system of claim 10 , wherein the instructions cause the one or more processors to: determine one of the plurality of buckets includes a number of associate nodes above a threshold value; and send a second indication to indicate that one of the plurality of groupings includes the number of associate nodes above the threshold value. 13 . A system, comprising: a data store comprising data, the data comprising associates and events performed by the associates; one or more processors coupled with the data store; and memory comprising instructions that, when executed by the one or more processors, cause the one or more processors to: generate, with the data, a graph comprising associate nodes and event nodes, wherein the associate nodes connect with the event nodes via edges; group each of the associate nodes into one of a plurality of buckets based on a number of times an associate of a particular associate node performed an event associated with a particular event node; determine a bucket of the plurality of buckets is an anomaly based on a number of associate nodes in the bucket and a threshold value; and send an indication to indicate the associate nodes of the bucket is the anomaly. 14 . The system of claim 13 , wherein the instructions to generate the graph to cause the one or more processors to generate edges between the associate nodes having at least one event node in common. 15 . The system of claim 13 , wherein the instructions to generate the graph to cause the one or more processors to generate, for each associate node, an edge between an associate node and an event node when an associate of the associate node performs an event of the event node. 16 . The system of claim 13 , comprising a display device, and the instructions to cause the one or more processors to present the graph on the display device, and the indication identifying the associate node in the graph. 17 . The system of claim 13 , wherein the instructions to cause the one or more processors to send the indication to a device as an alert to display on a display device of the device. 18 . The system of claim 13 , wherein the instructions to cause the one or more processors to: generate a grouping of associate nodes comprising two or more of the associate nodes, each associate node in the grouping of associate nodes comprising a number of edges to the event nodes in common with each other above a threshold value; determine an associate node of the grouping of associate nodes having an edge with an event node, wherein the event node having a second number of edges other associate nodes of the grouping of associate nodes below an edge threshold value; and send a second indication identifying the associate node. 19 . The system of claim 13 , wherein the instructions to cause the one or more processors to determine the grouping includes the number of associate nodes above the grouping threshold value. 20 . The system of claim 13 , wherein the instructions to cause the one or more processors to determine the grouping includes the number of associate nodes below the grouping threshold value.