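/**
 * Event counts per day for the last seven days (SIEM "week" trend).
 *
 * Groups snort.acid_event rows by month name and day-of-month after
 * converting the UTC timestamps to the offset of the global $tz.
 *
 * @param string $param  Optional plugin name pattern (SQL LIKE syntax); when
 *                       non-empty, only events of the matching plugins count.
 *
 * @return array  Without $param: map "<day> <Mon>" => event count.
 *                With $param: array(<that map>, <matched plugin id/name map>).
 *                On query failure the DB error is printed and the map is empty.
 */
function SIEM_trends_week($param = "")
{
    global $tz;
    $tzc = Util::get_tzc($tz);
    $data = array();
    $plugins_sql = "";
    $oss_p_id_name = array();
    require_once 'ossim_db.inc';
    $db = new ossim_db();
    $dbconn = $db->connect();
    $sensor_where = make_sensor_filter($dbconn);
    if ($param != "") {
        require_once "classes/Plugin.inc";
        // Quote the pattern through the connection instead of interpolating it
        // raw, so a caller-supplied value cannot break out of the LIKE literal.
        // (qstr() is ADOdb's quoting helper; Execute/EOF/MoveNext below are ADOdb too.)
        $oss_p_id_name = Plugin::get_id_and_name($dbconn, "WHERE name LIKE " . $dbconn->qstr($param));
        // get_id_and_name() appears to return id => name; flipping exposes the ids as values.
        $plugins = implode(",", array_flip($oss_p_id_name));
        // "in ()" is a SQL syntax error when nothing matched; "in (0)" matches nothing.
        $plugins_sql = "AND acid_event.plugin_id in (" . ($plugins !== "" ? $plugins : "0") . ")";
    }
    $now = time();
    $from = gmdate("Y-m-d 00:00:00", $now - 604800); // seven days back, start of day (UTC)
    $to = gmdate("Y-m-d 23:59:59", $now);
    $sqlgraph = "SELECT COUNT(acid_event.sid) as num_events, day(convert_tz(timestamp,'+00:00','{$tzc}')) as intervalo, monthname(convert_tz(timestamp,'+00:00','{$tzc}')) as suf FROM snort.acid_event LEFT JOIN ossim.plugin ON acid_event.plugin_id=plugin.id WHERE timestamp BETWEEN '{$from}' AND '{$to}' {$plugins_sql} {$sensor_where} GROUP BY suf,intervalo ORDER BY suf,intervalo";
    // Plain assignment: "=&" on a function-call result only raises a notice
    // and gives no reference semantics.
    $rg = $dbconn->Execute($sqlgraph);
    if (!$rg) {
        // NOTE(review): this echoes the raw DB error into the page output, as the
        // original did; callers rendering to a browser may prefer logging it.
        print $dbconn->ErrorMsg();
    } else {
        while (!$rg->EOF) {
            // Key like "14 Mar": day-of-month plus three-letter month name.
            $hours = $rg->fields["intervalo"] . " " . substr($rg->fields["suf"], 0, 3);
            $data[$hours] = $rg->fields["num_events"];
            $rg->MoveNext();
        }
    }
    $db->close($dbconn);
    // The original returned the never-assigned $oss_plugin_id (always null) here.
    return $param != "" ? array($data, $oss_p_id_name) : $data;
}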
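/**
 * OSSEC (HIDS) event counts per day for the last seven days for one agent.
 *
 * Same query shape as SIEM_trends_week(), restricted to plugins named
 * "ossec%" and to the sensor ids make_sid_filter() resolves from $agent_ip.
 *
 * @param string $agent_ip  Agent address handed to make_sid_filter().
 *
 * @return array|false  Map "<day> <Mon>" => event count, or false when the
 *                      query could not be executed.
 */
function SIEM_trends_hids($agent_ip)
{
    include_once '../panel/sensor_filter.php';
    require_once 'classes/Plugin.inc';
    require_once 'classes/Util.inc';
    require_once 'ossim_db.inc';
    $tz = Util::get_timezone();
    $tzc = Util::get_tzc($tz);
    $data = array();
    $db = new ossim_db();
    $dbconn = $db->connect();
    $sensor_where = make_sensor_filter($dbconn);
    // Ossec filter: ids of every plugin whose name starts with "ossec".
    // get_id_and_name() appears to return id => name; flipping exposes the ids as values.
    $oss_p_id_name = Plugin::get_id_and_name($dbconn, "WHERE name LIKE 'ossec%'");
    $plugins = implode(",", array_flip($oss_p_id_name));
    // "in ()" is a SQL syntax error when no plugin matched; "in (0)" matches nothing.
    $plugins_sql = "AND acid_event.plugin_id in (" . ($plugins !== "" ? $plugins : "0") . ")";
    // Agent ip filter: a sid list, or "0" so that "sid in (0)" selects nothing.
    // NOTE(review): assumes make_sid_filter() returns an SQL-safe id list — verify,
    // since $agent_ip reaches the query only through it.
    $agent_where = make_sid_filter($dbconn, $agent_ip);
    if ((string) $agent_where === "") {
        $agent_where = "0";
    }
    $now = time();
    $from = gmdate("Y-m-d 00:00:00", $now - 604800); // seven days back, start of day (UTC)
    $to = gmdate("Y-m-d 23:59:59", $now);
    $sqlgraph = "SELECT COUNT(acid_event.sid) as num_events, day(convert_tz(timestamp,'+00:00','{$tzc}')) as intervalo, monthname(convert_tz(timestamp,'+00:00','{$tzc}')) as suf FROM snort.acid_event LEFT JOIN ossim.plugin ON acid_event.plugin_id=plugin.id WHERE sid in ({$agent_where}) AND timestamp BETWEEN '{$from}' AND '{$to}' {$plugins_sql} {$sensor_where} GROUP BY suf,intervalo ORDER BY suf,intervalo";
    // Plain assignment: "=&" on a function-call result only raises a notice
    // and gives no reference semantics.
    $rg = $dbconn->Execute($sqlgraph);
    if (!$rg) {
        // The original returned false without releasing the connection.
        $db->close($dbconn);
        return false;
    }
    while (!$rg->EOF) {
        // Key like "14 Mar": day-of-month plus three-letter month name.
        $hours = $rg->fields["intervalo"] . " " . substr($rg->fields["suf"], 0, 3);
        $data[$hours] = $rg->fields["num_events"];
        $rg->MoveNext();
    }
    $db->close($dbconn);
    return $data;
}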
    if (!Session::menu_perms("MenuControlPanel", "ControlPanelExecutive")) {
        Session::unallowed_section(null, 'noback', "MenuControlPanel", "ControlPanelExecutive");
    }
}
// Database handle for the dashboard queries; the session lock is released right
// after connecting so later requests from the same user are not blocked meanwhile.
$db = new ossim_db();
$conn = $db->connect();
session_write_close();

// Accumulators and chart settings used by the per-type branches below.
$data = "";
$urls = "";
$colors = '"#E9967A","#9BC3CF"';
$range = 604800; // Week (in seconds)
$h = 250;        // Graph Height

// Forensics drill-down link whose "time" criteria pin the query to the same
// week the charts cover ($timetz is expected to be set earlier in the file).
$week_ago = $timetz - $range;
$forensic_link = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=week"
    . "&time[0][0]=+&time[0][1]=>%3D"
    . "&time[0][2]=" . gmdate("m", $week_ago)
    . "&time[0][3]=" . gmdate("d", $week_ago)
    . "&time[0][4]=" . gmdate("Y", $week_ago)
    . "&time[0][5]=&time[0][6]=&time[0][7]=&time[0][8]=+&time[0][9]=+"
    . "&submit=Query+DB&num_result_rows=-1&time_cnt=1&sort_order=time_d&hmenu=Forensics&smenu=Forensics";

// The literal TAXONOMY token is kept in both queries, presumably for a later
// substitution elsewhere in the file.
$sensor_where = make_sensor_filter($conn, "a");
if ($sensor_where != "") {
    // With a sensor filter, count straight off the per-event acid_event rows.
    $query = "SELECT count(a.sid) as num_events,c.cat_id,c.id,c.name"
        . " FROM snort.acid_event a,ossim.plugin_sid p,ossim.subcategory c"
        . " WHERE c.id=p.subcategory_id AND p.plugin_id=a.plugin_id AND p.sid=a.plugin_sid"
        . " AND a.timestamp BETWEEN '" . gmdate("Y-m-d 00:00:00", time() - $range) . "' AND '" . gmdate("Y-m-d 23:59:59") . "'"
        . " {$sensor_where} TAXONOMY group by c.id,c.name order by num_events desc LIMIT 10";
} else {
    // Without one, use ac_alerts_signature, which looks like a per-day summary
    // table (sum of sig_cnt over a.day).
    $query = "SELECT sum(sig_cnt) as num_events,c.cat_id,c.id,c.name"
        . " FROM snort.ac_alerts_signature a,ossim.plugin_sid p,ossim.subcategory c"
        . " WHERE c.id=p.subcategory_id AND p.plugin_id=a.plugin_id AND p.sid=a.plugin_sid"
        . " AND a.day BETWEEN '" . gmdate("Y-m-d", time() - $range) . "' AND '" . gmdate("Y-m-d") . "'"
        . " TAXONOMY group by c.id,c.name order by num_events desc LIMIT 10";
}
switch (GET("type")) {
    // Top 10 Events by Product Type - Last Week
    case "source_type":
        $types = $ac = array();
        if (!($rp =& $conn->Execute("SELECT id,source_type FROM ossim.plugin"))) {
            print $conn->ErrorMsg();
        } else {
            while (!$rp->EOF) {
                if ($rp->fields["source_type"] == "") {
                    $rp->fields["source_type"] = _("Unknown type");