Beispiel #1
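/**
 * Cancels the asset scan started from the wizard and resets the wizard state.
 *
 * The scan object is cached in a per-user file. When the wizard is in scan
 * step 1 or 2, that object is loaded, stopped and deleted, and its cache file
 * is removed. The wizard step data is cleaned and saved in every case.
 *
 * @param  object  $wizard  Wizard object exposing get_step_data(), clean_step_data() and save_status()
 *
 * @return array  Response array with the key 'error' set to FALSE
 */
function cancel_scan($wizard)
{
    // File used to cache the scan object. md5() only derives a per-user file
    // name from the session user here; it is not used as a security control.
    $user      = Session::get_session_user();
    $scan_file = 'w_last_asset_object-' . md5($user);

    $step = intval($wizard->get_step_data('scan_step'));

    if (in_array($step, array(1, 2), TRUE)) {
        $obj = Av_scan::get_object_from_file($scan_file);

        // Guard against a missing or unreadable cache file: calling stop() on
        // a non-object would abort the request before the wizard state is reset.
        if (is_object($obj)) {
            $obj->stop();
            $obj->delete_scan();

            Cache_file::remove_file($scan_file);
        }
    }

    $wizard->clean_step_data();
    $wizard->save_status();

    // Build the response explicitly instead of creating it through an index assignment
    $response = array('error' => FALSE);

    return $response;
}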
Beispiel #2
// Validate the optional extra options against the OSS_NULLABLE / OSS_LETTER / '_' rule set.
// NOTE(review): the check of the validation result is not visible in this excerpt;
// confirm the script stops on a validation failure before $extra_options is used below.
ossim_valid($extra_options, OSS_NULLABLE, OSS_LETTER, '_', 'illegal:' . _("Extra Options"));
$db = new ossim_db(TRUE);
$conn = $db->connect();
// Fall back to the first page when the page is empty or not positive
if ($page == "" || $page <= 0) {
    $page = 1;
}
// Trees whose key is set in $cache_exp are neither read from nor written to the cache
$cache_exp['asec_pg'] = 1;
$cache_exp['contexts'] = 1;
// Hack to only show assets not linked to HIDS agents: the current tree ($key) bypasses the cache
if ($extra_options == 'only_unlinked_to_hids_agents') {
    $cache_exp[$key] = 1;
}
// The cache file name covers every input passed to the tree plus the session user,
// so cached trees are kept separate per user. md5() only derives a file name here.
// $key, $filter and $section are set before this excerpt; presumably they are
// validated there like $extra_options (TODO confirm).
$user = Session::get_session_user();
$c_file = 'tree_' . md5("{$key} {$page} {$filter} {$section} {$extra_options} {$user}");
$json = NULL;
// Try the cache first unless this tree is excluded from caching
if (empty($cache_exp[$key])) {
    $json = Cache_file::get_asset_data($c_file);
}
// Cache miss (or uncached tree): render the tree and capture what draw() prints
if (empty($json)) {
    $tree = new Tree($key, $page, $filter, $section, $length_name, $extra_options);
    ob_start();
    $tree->draw();
    $json = ob_get_contents();
    ob_end_clean();
    // Store the rendered output only for trees that are allowed to be cached
    if (empty($cache_exp[$key])) {
        Cache_file::save_file($c_file, $json);
    }
}
// Emit the cached or freshly rendered tree
echo $json;
$db->close();
Beispiel #3
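/**
 * This function gets the SIEM trends in hours
 *
 * The result is cached in a file named after the session user and a hash of
 * $h and $assets_filters; a cached array is returned without querying the database.
 *
 * @param  int           $h               Number of hours of the trend
 * @param  array|string  $assets_filters  [Optional] Asset filter applied (keys 'assets' and 'ctxs')
 * @param  string        $first_date      [Optional] Date-and-hour prefix; ':00:00' and ':59:59' are appended
 *                                        to test whether ac_acid_event holds data for that hour
 *
 * @return array  Number of events indexed by '<day> <hour>h'
 */
function SIEM_trends($h = 24, $assets_filters = '', $first_date = '')
{
    global $tz;

    //Cache file
    // NOTE(review): the session user name is placed in the file name unhashed.
    // Confirm that Cache_file restricts the characters of the name, or hash the user.
    $file  = '_siem_events_' . Session::get_session_user() . '_';
    $file .= md5($h . '_' . serialize($assets_filters));

    $data = Cache_file::get_asset_data($file, 300);

    if (is_array($data)) {
        return $data;
    }

    $db     = new ossim_db(TRUE);
    $dbconn = $db->connect();
    $tzc    = Util::get_tzc($tz);
    $data   = array();

    //Filters of assets
    // Replace the value instead of indexing into it: the default is '' and a
    // string cannot take the 'assets' / 'ctxs' keys.
    if (empty($assets_filters)) {
        $assets_filters = array(
            'assets' => array(),
            'ctxs'   => array()
        );
    }

    $query_where = Security_report::make_where($dbconn, gmdate("Y-m-d H:00:00", gmdate("U") - 3600 * $h), gmdate("Y-m-d H:59:59"), array(), $assets_filters);

    // $tzc and $query_where are still interpolated: they come from Util::get_tzc()
    // and Security_report::make_where(), whose escaping is not visible here (TODO confirm).
    $sqlgraph = "SELECT SUM(cnt) AS num_events, hour(convert_tz(timestamp,'+00:00','{$tzc}')) AS intervalo, day(convert_tz(timestamp,'+00:00','{$tzc}')) AS suf \n        FROM alienvault_siem.ac_acid_event as acid_event WHERE 1=1 {$query_where} GROUP BY suf,intervalo";

    if ($first_date) {
        // $first_date is caller-supplied, so it is bound as a parameter rather
        // than concatenated into the SQL text.
        $range = array($first_date . ':00:00', $first_date . ':59:59');

        // Test if we have enough data in ac_acid_event
        $query = "select cnt from alienvault_siem.ac_acid_event where timestamp between ? and ? limit 1";
        $rg    = $dbconn->CacheExecute($query, $range);

        if (!$rg) {
            // NOTE(review): the driver error text is written to the response; consider logging it instead
            print $dbconn->ErrorMsg();
        } elseif ($rg->EOF) {
            // Test if we have enough data in acid_event
            $query = "select hex(id) from alienvault_siem.acid_event where timestamp between ? and ? limit 1";
            $rg    = $dbconn->CacheExecute($query, $range);

            if (!$rg) {
                print $dbconn->ErrorMsg();
            } elseif (!$rg->EOF) {
                $sqlgraph = "SELECT COUNT(acid_event.id) AS num_events, hour(convert_tz(timestamp,'+00:00','{$tzc}')) AS intervalo, day(convert_tz(timestamp,'+00:00','{$tzc}')) AS suf \n                    FROM alienvault_siem.acid_event WHERE 1=1 {$query_where} GROUP BY suf,intervalo";
            }
        }
    }

    $query_ok = FALSE;
    $rg       = $dbconn->CacheExecute($sqlgraph);

    if (!$rg) {
        print $dbconn->ErrorMsg();
    } else {
        while (!$rg->EOF) {
            $data[$rg->fields['suf'] . ' ' . $rg->fields['intervalo'] . 'h'] = $rg->fields['num_events'];
            $rg->MoveNext();
        }

        $query_ok = TRUE;
    }

    $db->close();

    // Only a successful query is cached; caching the empty array of a failed
    // query would hide the failure until the cache entry expires.
    if ($query_ok) {
        Cache_file::save_file($file, $data);
    }

    return $data;
}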
Beispiel #4
******************** Search Box ********************
****************************************************/
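// Asset names offered by the search box autocomplete (hosts and networks)
$autocomplete_keys = array('hosts', 'nets');
$assets            = Autocomplete::get_autocomplete($conn, $autocomplete_keys);

/****************************************************
******************** Clear Scan ********************
****************************************************/

//Results will be deleted when a custom scan is executed or when a user forces it
// NOTE(review): this deletion is driven by $_REQUEST, so it can be triggered by a
// plain GET request. No anti-CSRF check is visible in this excerpt; confirm one runs earlier.
// Read the request keys defensively so a missing key does not raise a notice.
$req_action    = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
$req_clearscan = isset($_REQUEST['clearscan']) ? intval($_REQUEST['clearscan']) : 0;

if ($req_clearscan == 1 || $req_action === 'custom_scan') {
    try {
        //Delete scan task from Redis
        $av_scan = Av_scan::get_object_from_file($scan_file);

        if (is_object($av_scan) && !empty($av_scan)) {
            $av_scan->delete_scan();

            //Delete local scan files
            Cache_file::remove_file($scan_file);
        }

        //Delete report scan information
        // Best effort: the report file may not exist, so a failed unlink is ignored on purpose
        @unlink($scan_report_file);
    } catch (Exception $e) {
        // The clean-up stays best effort, but the failure is recorded instead of
        // being dropped silently, so stale scan data can be traced afterwards.
        error_log('Scan clean-up failed: ' . $e->getMessage());
    }
}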
/*******************************************************************
***  Custom scan (From Asset Detail or from a Suggestion Link)   ***
********************************************************************/
if ($_REQUEST['action'] == 'custom_scan') {
    if ($_GET['action'] == 'custom_scan') {
        //It's necessary to validate properly
        $_POST = $_GET;
        $_POST['timing_template'] = $ttemplate;
        $_POST['autodetected'] = $autodetected;
Beispiel #5
 /**
  * Returns the path of the cache entry built from the ARFF form of the input array.
  *
  * The input array is converted with array_to_arff() and handed to a Cache_file
  * created under the key from _get_cache_key_input().
  *
  * @return mixed  Whatever Cache_file::get_path() reports for the new entry
  */
 private function _get_input_file()
 {
     // Convert first, then resolve the key, in the same order as the constructor call needs them
     $arff_payload = $this->array_to_arff($this->input_array);
     $cache_key    = $this->_get_cache_key_input();

     // The third constructor argument is 0; its meaning is defined by Cache_file
     $cache_entry = new Cache_file($cache_key, $arff_payload, 0);

     return $cache_entry->get_path();
 }
Beispiel #6
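 /**
  * Returns the path of the cache entry built from the ARFF form of the input array.
  *
  * The input array is converted with array_to_arff() and handed to a Cache_file
  * created under the key from _get_cache_key_input().
  *
  * @return mixed  Whatever Cache_file::get_path() reports for the new entry
  */
 protected function _get_input_file()
 {
     // Always derive the path from the cache entry. A hard-coded absolute path
     // ties the class to one machine and to a fixed, predictable temp location,
     // and returning it first left the conversion below unreachable.
     $input_arff = $this->array_to_arff($this->input_array);

     // The third constructor argument is 0; its meaning is defined by Cache_file
     $input_cache = new Cache_file($this->_get_cache_key_input(), $input_arff, 0);

     return $input_cache->get_path();
 }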