$_SESSION["ip_field_cnt"] = 1;
}
}
//
// DATABASES
//
if ($_GET["server"] != "") {
if ($_GET["server"] == "local") {
unset($_SESSION["server"]);
} else {
$_server = intval($_GET["server"]);
if ($_server > 0) {
// Query DB server
$dbo = new ossim_db();
$conn = $dbo->connect();
list($db_server) = Databases::get_list($conn, 'WHERE id = ' . $_server);
$dbo->close();
unset($dbo);
if (is_object($db_server)) {
$_SESSION["server"] = array($db_server->get_ip(), $db_server->get_port(), $db_server->get_user(), $db_server->get_pass(), $db_server->get_name());
}
}
}
Util::memcacheFlush(false);
}
if (is_array($_SESSION['server']) && $_SESSION["server"][0] != '') {
// Change connect variables
$alert_host = $_SESSION['server'][0];
$alert_port = $_SESSION['server'][1];
$alert_user = $_SESSION['server'][2];
$alert_password = $_SESSION['server'][3];
$li = "title:'{$title}', tooltip:'{$tooltip}', icon:'{$icon}', h:'{$h}', url:'../server/newserverform.php?name=" . $server_url . "'";
$buffer .= ($j > 0 ? "," : "") . "{ {$li} }";
$j++;
}
} else {
$buffer .= "{title:'" . _("No Servers Found") . "', noLink:true}";
}
$buffer .= "]";
echo $buffer;
} else {
if (preg_match("/databases/", $key)) {
$buffer = "[";
if (Session::am_i_admin()) {
require_once 'classes/Databases.inc';
$j = 0;
$databases = Databases::get_list($conn);
foreach ($databases as $database) {
$icon = "../../pixmaps/database.png";
$db_name = $database->get_name();
$db_title = Util::htmlentities($db_name);
$title = strlen($db_name) > $length_name ? substr($db_name, 0, $length_name) . "..." : $db_name;
$title = Util::htmlentities($title);
$tooltip = $db_title;
$li = "title:'{$title}', tooltip:'{$tooltip}', icon:'{$icon}', h:'{$h}', url:'../server/newdbsform.php?name=" . urlencode($db_name) . "'";
$buffer .= ($j > 0 ? "," : "") . "{ {$li} }";
$j++;
}
} else {
$buffer .= "{title:'" . _("No Databases Found") . "', noLink:true}";
}
$buffer .= "]";
die(ossim_error());
}
if ($name == "local") {
header("Content-type: image/png");
$image = imagecreatefrompng("../forensics/images/home.png");
if (imageistruecolor($image)) {
imageAlphaBlending($image, false);
imageSaveAlpha($image, true);
}
imagepng($image);
imagedestroy($image);
exit;
}
$db = new ossim_db();
$conn = $db->connect();
$server_list = Databases::get_list($conn, "WHERE name = '{$name}' or ip='{$name}'");
$db->close($conn);
if ($server_list[0]) {
header("Content-type: image/png");
$image = @imagecreatefromstring($server_list[0]->get_icon());
if (!$image) {
$image = @imagecreatefrompng("../forensics/images/server.png");
}
if (imageistruecolor($image)) {
imageAlphaBlending($image, false);
imageSaveAlpha($image, true);
}
imagepng($image);
imagedestroy($image);
}
?>
$opensource = !preg_match("/pro|demo/i", $version) ? true : false;
if (!isset($_SESSION["_user"])) {
$ossim_link = $conf->get_conf("ossim_link", FALSE);
$login_location = $ossim_link . '/session/login.php';
header("Location: {$login_location}");
exit;
}
// Solera API
$_SESSION["_solera"] = $conf->get_conf("solera_enable", FALSE) ? true : false;
//
// Get Host names to translate IP -> Host Name
require_once "ossim_db.inc";
$dbo = new ossim_db();
// Multiple Database Server selector
$conn = $dbo->connect();
$database_servers = Databases::get_list($conn);
$dbo->close();
//
if (is_array($_SESSION["server"]) && $_SESSION["server"][0] != "") {
$dbo->enable_cache();
$conn = $dbo->custom_connect($_SESSION["server"][0], $_SESSION["server"][2], $_SESSION["server"][3]);
} else {
$dbo->enable_cache();
$conn = $dbo->connect();
}
include_once "{$BASE_path}/base_common.php";
$sensors = $hosts = $ossim_servers = array();
$sensors = Av_sensor::get_basic_list($conn, array(), TRUE);
list($hosts, $host_ids) = Asset_host::get_basic_list($conn, array(), TRUE);
$entities = Session::get_all_entities($conn);
$rep_activities = Reputation::get_reputation_activities($conn, "ORDER BY descr", $db_memcache);
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck('analysis-menu', 'EventsForensics');
$db = new ossim_db();
$conn = $db->connect();
$db_id = GET('id');
$update = intval(GET('update'));
ossim_valid($db_id, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _('Database ID'));
if (ossim_error()) {
die(ossim_error());
}
if ($db_id != '') {
if ($db_list = Databases::get_list($conn, "WHERE id = '{$db_id}'")) {
$db = array_shift($db_list);
$db_name = $db->get_name();
$ip = $db->get_ip();
$port = $db->get_port();
$user = $db->get_user();
$pass = Util::fake_pass($db->get_pass());
$icon = $db->get_html_icon();
$pass2 = $pass;
}
} else {
$db_id = '';
$db_name = '';
$ip = '';
$user = '';
$pass = '';
ossim_valid($rp, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _('Rp'));
if (ossim_error()) {
echo "<rows>\n<page>1</page>\n<total>0</total>\n</rows>\n";
exit;
}
if (!empty($order)) {
$order .= POST('sortorder') == 'asc' ? '' : ' desc';
} else {
$order = "name";
}
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$db = new ossim_db();
$conn = $db->connect();
$xml = '';
$db_list = Databases::get_list($conn, "ORDER BY {$order} {$limit}");
if ($db_list[0]) {
$total = $db_list[0]->get_foundrows();
if ($total == 0) {
$total = count($db_list);
}
} else {
$total = 0;
}
$xml .= "<rows>\n";
$xml .= "<page>{$page}</page>\n";
$xml .= "<total>{$total}</total>\n";
foreach ($db_list as $db_server) {
$id = $db_server->get_id();
$name = $db_server->get_name();
$ip = $db_server->get_ip();
$ip = $_SESSION['_dbs']['ip'];
$port = $_SESSION['_dbs']['port'];
$user = $_SESSION['_dbs']['user'];
$pass = $_SESSION['_dbs']['pass'];
$pass2 = $_SESSION['_dbs']['pass2'];
$icon = "";
unset($_SESSION['_dbs']);
} else {
$ip = $user = $pass = "";
$port = "3306";
if ($dbs_name != '') {
ossim_valid($dbs_name, OSS_ALPHA, OSS_PUNC, OSS_SCORE, 'illegal:' . _("Database Server Name"));
if (ossim_error()) {
die(ossim_error());
}
if ($server_list = Databases::get_list($conn, "WHERE name = '{$dbs_name}'")) {
$server = $server_list[0];
$dbs_name = $server->get_name();
$ip = $server->get_ip();
$port = $server->get_port();
$user = $server->get_user();
$pass = Util::fake_pass($server->get_pass());
$icon = $server->get_name();
$pass2 = $pass;
}
}
}
if (GET('withoutmenu') != "1") {
include "../hmenu.php";
}
?>
// 3.1) MERGE TEMP TO ORIGINAL SNORT
if (!$nomerge) {
$cmdline = "mysqldump -p{$snort_pass} -n -t -f --no-autocommit --insert-ignore snort_restore_{$filter_by} | mysql -u{$snort_user} -p{$snort_pass} -h{$snort_host} -P{$snort_port} {$snort_name}";
if ($debug) {
echo "Merge events into snort database...";
}
system($cmdline);
if ($debug) {
echo "ok\n";
}
// 3.2) CREATE A NEW Database Profile for SIEM
} else {
if ($debug) {
echo "Creating Database Profile...";
}
$list = Databases::get_list($conn, "WHERE name='{$snort_name_temp}'");
if (count($list) < 1) {
Databases::insert($conn, $snort_name_temp, $snort_host, $snort_port, $snort_user, $snort_pass, "");
if ($debug) {
echo "ok\n";
}
} else {
if ($debug) {
echo "already exists\n";
}
}
}
if ($debug) {
echo "All Done.\n";
}
$conn->disconnect();
