// Gathers the values for one alarm and packs them into the alarm info array.
// $stats, $alarm, $conn, $gl, $ctx, $event_info and $backlog_id are set by
// code outside this fragment.
$src = $stats['src'];
$dst = $stats['dst'];

// Translated alarm name; when a subcategory is present it is translated too
// and replaced by the translated name.
$alarm_name = Util::translate_alarm($conn, $alarm->get_sid_name(), $alarm, 'array');

if (!empty($alarm_name['subcategory']))
{
    $alarm_tr = Util::translate_alarm($conn, $alarm_name['subcategory'], $alarm, 'array');

    $alarm_name['subcategory'] = $alarm_tr['name'];
}

$event_number = $stats['events'];

// Duration between first and last event, and time elapsed since the last event (UTC "now").
$alarm_time = get_alarm_life($alarm->get_since(), $alarm->get_last());
$alarm_life = get_alarm_life($alarm->get_last(), gmdate('Y-m-d H:i:s'), 'ago');

/* Source */
$_home_src = Asset_host::get_extended_name(
    $conn,
    $gl,
    $alarm->get_src_ip(),
    $ctx,
    $event_info['src_host'],
    $event_info['src_net']
);

/* Destination */
$_home_dst = Asset_host::get_extended_name(
    $conn,
    $gl,
    $alarm->get_dst_ip(),
    $ctx,
    $event_info['dst_host'],
    $event_info['dst_net']
);

// Alarm attack pattern: derived from the number of source/destination IPs and
// whether each side is internal, then passed through gettext.
$attack_pattern = _(is_promiscous(
    count($src['ip']),
    count($dst['ip']),
    $_home_src['is_internal'],
    $_home_dst['is_internal']
));

// Tags attached to this backlog entry, keyed by tag id.
$_tags    = Tag::get_tags_by_component($conn, $backlog_id);
$tag_list = array();

foreach ($_tags as $tag_id => $tag)
{
    $tag_list[$tag_id] = array(
        'id'    => $tag_id,
        'name'  => $tag->get_name(),
        'class' => $tag->get_class()
    );
}

// Alarm status: reported as 'correlating' while get_removable() is integer 0.
$status = ($alarm->get_removable() === 0) ? 'correlating' : $alarm->get_status();

// Alarm JSON info. Every getter is called on the alarm object while the array
// is built; after this assignment $alarm holds the array, not the object.
// NOTE(review): names, tag names and IoC data are stored as their getters
// return them. The code that serializes or renders this array is not visible
// here - confirm it encodes these values for its output context.
$alarm = array(
    'backlog_id'     => $backlog_id,
    'plugin_id'      => $alarm->get_plugin_id(),
    'plugin_sid'     => $alarm->get_plugin_sid(),
    'event_id'       => $alarm->get_event_id(),
    'engine'         => Util::uuid_format($alarm->get_ctx()),
    'agent_ctx'      => $event_info['agent_ctx'],
    'sid_name'       => $alarm_name['name'],
    'status'         => $status,
    'risk'           => $alarm->get_risk(),
    'attack_pattern' => $attack_pattern,
    'created'        => $alarm_life,
    'duration'       => $alarm_time,
    'events'         => $event_number,
    'otx_icon'       => $alarm->get_otx_icon(),
    'iocs'           => $alarm->get_iocs($conn, true),
    'event_start'    => $alarm->get_since(),
    'event_end'      => $alarm->get_last(),
    'src_ips'        => $alarm->get_src_ip(),
    'dst_ips'        => $alarm->get_dst_ip(),
    'src_ports'      => $alarm->get_src_port(),
    'dst_ports'      => $alarm->get_dst_port(),
    'sources'        => $src['ip'],
    'destinations'   => $dst['ip'],
    'tags'           => $tag_list,
    'taxonomy'       => array(
        'id'          => $alarm_name['id'],
        'kingdom'     => $alarm_name['kingdom'],
        'category'    => $alarm_name['category'],
        'subcategory' => $alarm_name['subcategory']
    )
);

//Alarm Perms
// Builds the display values for one alarm: inline JS handler strings, the
// source/destination asset info, the taxonomy image and title markup, and the
// translated attack-pattern label.
//
// NOTE(review): $backlog_id is interpolated into single-quoted JavaScript
// string literals without escaping. Its origin is not visible in this
// fragment - confirm it is validated to a fixed format (or escaped for a JS
// string context) before it reaches these two lines.
$alarm_open_url = "open_alarm('{$backlog_id}');";
$alarm_delete_url = "tray_delete('{$backlog_id}');";

/* Source Home */
$_home_src = Asset_host::get_extended_name($conn, $geoloc, $alarm->get_src_ip(), $ctx, $event["_SRC_HOST"], $event["_SRC_NET"]);

/* Destination Home */
$_home_dst = Asset_host::get_extended_name($conn, $geoloc, $alarm->get_dst_ip(), $ctx, $event["_DST_HOST"], $event["_DST_NET"]);

/* Detail */
$alarm_name = Util::translate_alarm($conn, $alarm->get_sid_name(), $alarm, 'array');

if ($alarm_name["id"] != '') {
    // A taxonomy id is present: use the per-id PNG when it exists on disk and
    // build the title from kingdom and category.
    // NOTE(review): $alarm_name["id"] is concatenated into a filesystem path
    // and an img src, and "kingdom"/"category" into a single-quoted title
    // attribute and markup, all without encoding. Presumably these come from
    // the taxonomy lookup in translate_alarm - confirm they cannot carry
    // user-influenced text, or encode them for the HTML context (for example
    // htmlspecialchars with ENT_QUOTES) and restrict the id to the expected
    // character set before it is used in the path.
    $alarm_image = file_exists("/usr/share/ossim/www/alarm/style/img/" . $alarm_name["id"] . ".png")
        ? "<img src='style/img/" . $alarm_name["id"] . ".png' border='0' title='" . $alarm_name["kingdom"] . "'>"
        : "";
    $alarm_title = $alarm_name["kingdom"] . ": <span style='font-size:15px'>" . $alarm_name["category"] . "</span>";
} else {
    // No taxonomy id: no image, and the title is the translated alarm name.
    // NOTE(review): the name is used as-is; confirm it is encoded where
    // $alarm_title is written to the page.
    $alarm_image = "";
    $alarm_title = $alarm_name['name'];
}

// Attack-pattern label from the source/destination IP counts and the
// is_internal flag of each side, passed through gettext.
$promiscous_title = _(is_promiscous(count($stats['src']['ip']), count($stats['dst']['ip']), $_home_src['is_internal'], $_home_dst['is_internal']));
?> <script language="javascript">
// Remove tag
function remove_tag(status, data) {
    $('#delete_data').html('');
    $('#info_delete').hide();
    if ('OK' == status) {
        display_datatables_column(true);
        var row = $('#<?php
// Prepares the values used to render one alarm: context id, icon path,
// translated name, event count, timing strings, risk colouring, home icons for
// internal source/destination, the attack-pattern label and icon, and the
// alarm's tags as HTML. $alarm, $stats, $conn, $geoloc, $ctx, $event_info,
// $src and $dst are set by code outside this fragment.
$engine = $alarm->get_ctx();
$taxonomy_icon = '/ossim/pixmaps/alarms.png';
$alarm_name = Util::translate_alarm($conn, $alarm->get_sid_name(), $alarm, 'array');
$event_number = $stats['events'];

// Earlier variant based on the $stats timestamps, left commented out:
//$alarm_time = get_alarm_life($stats['min_timestamp'], $stats['max_timestamp']);
//$alarm_life = get_alarm_life($stats['min_timestamp'], gmdate("Y-m-d H:i:s"), 'ago');

// Duration between first and last event, and time elapsed since the last event (UTC "now").
$alarm_time = get_alarm_life($alarm->get_since(), $alarm->get_last());
$alarm_life = get_alarm_life($alarm->get_last(), gmdate("Y-m-d H:i:s"), 'ago');

// colorize_risk() returns a pair that is unpacked into $risk and $risk_color.
list($risk, $risk_color) = colorize_risk($alarm->get_risk());

/* Source */
$_home_src = Asset_host::get_extended_name($conn, $geoloc, $alarm->get_src_ip(), $ctx, $event_info["src_host"], $event_info["src_net"]);
// Home icon markup only when the source is flagged internal; the markup is a fixed literal.
$src_home = $_home_src['is_internal'] ? "<img src='/ossim/alarm/style/img/home24.png' class='home_img' /> " : '';

/* Destination */
$_home_dst = Asset_host::get_extended_name($conn, $geoloc, $alarm->get_dst_ip(), $ctx, $event_info["dst_host"], $event_info["dst_net"]);
// Same for the destination.
$dst_home = $_home_dst['is_internal'] ? "<img src='/ossim/alarm/style/img/home24.png' class='home_img' /> " : '';

// Attack-pattern label, passed through gettext.
$promiscous_title = _(is_promiscous(count($src['ip']), count($dst['ip']), $_home_src['is_internal'], $_home_dst['is_internal']));

// The promiscuous icon is used as soon as either side has more than one IP.
if (count($src['ip']) > 1 || count($dst['ip']) > 1) {
    $promiscous_icon = '/ossim/alarm/style/img/promiscuous.png';
} else {
    $promiscous_icon = '/ossim/alarm/style/img/npromiscuous.png';
}

$tooltip = '';

//Tags related to the alarm
$tags = $alarm->get_tags();
if (!empty($tags)) {
    // The alarm's tag ids are resolved against the full tag list.
    $tags_list = Tags::get_list($conn);
    $tlist = array();
    foreach ($tags as $id_tag) {
        // An id missing from $tags_list evaluates to null here and is skipped
        // by the is_object() check below.
        $tag = $tags_list[$id_tag];
        if (is_object($tag)) {
            // NOTE(review): the tag name is concatenated into HTML without
            // encoding. If tag names are operator-defined free text and are
            // not encoded when stored, this is a stored-XSS sink - confirm, or
            // encode for the HTML context (for example htmlspecialchars with
            // ENT_QUOTES) at this point.
            $tlist[] = "<div>" . $tag->get_name() . "</div>";