Beispiel #1
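// Build the plugin id => name map, collapsing every "ossec-*" plugin name to "ossec".
// Plain assignment replaces the old "=&": objects are already passed by handle, and
// assigning a function result by reference raises a notice on current PHP versions.
if (!($rs = $conn_ossim->Execute($query1))) {
    // NOTE(review): the raw database error text is sent to the client here. It can
    // reveal schema details; consider logging it and showing a generic message.
    print $conn_ossim->ErrorMsg();
    exit;
}
while (!$rs->EOF) {
    $plugins[$rs->fields["id"]] = preg_replace("/ossec-.*/", "ossec", $rs->fields["name"]);
    $rs->MoveNext();
}
$data = array();
$data[] = "";
$host = $_SESSION['host_report'];
// User sensor filtering: restrict later queries to the sids of the sensors this
// user is allowed to see. An empty allowedSensors() value means "no restriction".
$sensor_where = "";
if (Session::allowedSensors() != "") {
    $user_sensors = explode(",", Session::allowedSensors());
    $snortsensors = Event_viewer::GetSensorSids($conn);
    $allowed_sids = array();
    foreach ($user_sensors as $user_sensor) {
        // A sensor without an entry in the sid map must be skipped explicitly:
        // count() on a missing key is a TypeError on PHP 8.
        if (!isset($snortsensors[$user_sensor]) || !is_array($snortsensors[$user_sensor])) {
            continue;
        }
        foreach ($snortsensors[$user_sensor] as $sid) {
            // The list is concatenated into SQL below, so force every value to an
            // integer. Assumes sids are numeric (the "0" fallback suggests so) - TODO confirm.
            $allowed_sids[] = intval($sid);
        }
    }
    // No matching sid at all: use "0" so the IN list stays valid SQL and, presumably,
    // matches no real sensor (fail closed).
    $sensor_str = count($allowed_sids) > 0 ? implode(",", $allowed_sids) : "0";
    $sensor_where = " AND sid in (" . $sensor_str . ")";
}
$hostname = Host::ip2hostname($conn_ossim, $host);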
if ($hostname != $host) {
    $title = $hostname . "({$host})";
} else {
Beispiel #2
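 /**
  * Render the tag-cloud window: run the configured query and return one sized
  * link per result row (column 0 = tag, column 1 = count).
  *
  * The query text comes from the 'cloud_sql' setting and is executed as-is after
  * a pattern check, so that setting must be treated as trusted configuration.
  * For users restricted to specific sensors, a "sid in (...)" condition is
  * spliced into the query; if it cannot be spliced in, the query is refused
  * rather than run unfiltered.
  *
  * @return string HTML for the cloud, an empty string when the query returns no
  *                rows, or an error message.
  */
 function showWindowContents()
 {
     require_once 'ossim_db.inc';
     require_once 'classes/Event_viewer.inc';
     $dbname = $this->get('cloud_db');
     $link = $this->get('cloud_link');
     $max_len = $this->get('cloud_tag_max_len');
     $resolv_hostname = $this->get('cloud_resolv_ip');
     if (ossim_error()) {
         die(ossim_error());
     }
     $method = $dbname == 'snort' ? 'snort_connect' : 'connect';
     $db = new ossim_db();
     $conn = $db->{$method}();
     // User sensor filtering: collect the sids of the sensors this user may see.
     $sensor_where = "";
     if (Session::allowedSensors() != "") {
         $user_sensors = explode(",", Session::allowedSensors());
         $snortsensors = Event_viewer::GetSensorSids($conn);
         $allowed_sids = array();
         foreach ($user_sensors as $user_sensor) {
             // count() on a missing key is a TypeError on PHP 8, so test first.
             if (!isset($snortsensors[$user_sensor]) || !is_array($snortsensors[$user_sensor])) {
                 continue;
             }
             foreach ($snortsensors[$user_sensor] as $sid) {
                 // Integers only: the list is concatenated into SQL and used as a
                 // preg_replace() replacement below. Assumes numeric sids - TODO confirm.
                 $allowed_sids[] = intval($sid);
             }
         }
         // "0" keeps the IN list valid and, presumably, matches no real sensor.
         $sensor_str = count($allowed_sids) > 0 ? implode(",", $allowed_sids) : "0";
         $sensor_where = " sid in (" . $sensor_str . ")";
     }
     $sql = $this->get('cloud_sql');
     // NOTE(review): this is a pattern check, not a parser. It only requires the text
     // to start with SELECT and rejects three specific clauses; it does not limit
     // which tables the query reads. Running it under a read-only database account
     // would be the stronger control.
     if (!preg_match('/^\\s*\\(?\\s*SELECT\\s/i', $sql) || preg_match('/\\sFOR\\s+UPDATE/i', $sql) || preg_match('/\\sINTO\\s+OUTFILE/i', $sql) || preg_match('/\\sLOCK\\s+IN\\s+SHARE\\s+MODE/i', $sql)) {
         $db->close($conn);
         return _("SQL Query invalid due security reasons");
     }
     if ($sensor_where != "") {
         // Match keywords case-insensitively. The previous case-sensitive check
         // missed "WHERE" / "group by", which either produced broken SQL or ran
         // the query with no sensor restriction at all.
         if (preg_match('/\\bwhere\\b/i', $sql)) {
             // Every WHERE gets the condition, as before (covers UNION branches).
             $sql = preg_replace('/\\bwhere\\b/i', "where " . $sensor_where . " AND ", $sql);
         } elseif (preg_match('/\\bgroup\\s+by\\b/i', $sql)) {
             $sql = preg_replace('/\\bgroup\\s+by\\b/i', "where " . $sensor_where . " GROUP BY", $sql);
         } else {
             // Fail closed: never run the query without the sensor restriction.
             $db->close($conn);
             return _("Sensor filter could not be applied to the query");
         }
         // NOTE(review): text splicing remains fragile (keywords inside string
         // literals, a UNION branch without WHERE); verify configured queries.
     }
     if (!($rs = $conn->Execute($sql))) {
         // The return value is rendered as window content, so escape the error and
         // the query. NOTE(review): this still shows the SQL to whoever views the
         // window - consider logging it instead.
         $error_text = "Error was: " . $conn->ErrorMsg() . "\n\nQuery was: " . $sql;
         $db->close($conn);
         return htmlspecialchars($error_text, ENT_QUOTES);
     }
     if ($resolv_hostname) {
         require_once "classes/Host.inc";
     }
     $tags = array();
     $tag_names = array();
     while (!$rs->EOF) {
         if ($resolv_hostname) {
             // Positional arguments: is_sensor = false, force_no_dns = true.
             $tag_names[$rs->fields[0]] = Host::ip2hostname($conn, $rs->fields[0], false, true);
         }
         $tags[$rs->fields[0]] = $rs->fields[1];
         $rs->MoveNext();
     }
     $db->close($conn);
     if (!count($tags)) {
         return "";
     }
     // Default font sizes
     $min_font_size = 8;
     $max_font_size = 35;
     $minimum_count = min(array_values($tags));
     $maximum_count = max(array_values($tags));
     $spread = $maximum_count - $minimum_count;
     // Avoid division by zero when all counts are equal.
     if ($spread == 0) {
         $spread = 1;
     }
     if ($link == '') {
         $link = '#';
     }
     $cloud_tags = array();
     // create an array to hold tag code
     foreach ($tags as $tag => $count) {
         // NOTE(review): the tag is substituted into the link unencoded; if _TAG_
         // always sits in a query string, urlencode() it here.
         $local_link = str_replace("_TAG_", $tag, $link);
         $local_name = $tag;
         if ($resolv_hostname) {
             $local_name = $tag_names[$tag];
         }
         // NOTE(review): the truncated value is only used in the title attribute,
         // not in the visible label - confirm that is intended.
         if ($max_len > 0) {
             $tag = substr($tag, 0, $max_len);
         }
         // Scale the font linearly between the minimum and maximum size by count.
         $size = count($tags) == 1 ? $max_font_size : $min_font_size + ($count - $minimum_count) * ($max_font_size - $min_font_size) / $spread;
         // Tag and count come from query results, so escape them for the attribute
         // context as well; previously only the href and the label were escaped.
         $cloud_tags[] = '<a style="font-size: ' . floor($size) . 'px' . '" class="tag_cloud" href="' . htmlspecialchars($local_link, ENT_QUOTES) . '" title="\'' . htmlspecialchars((string) $tag, ENT_QUOTES) . '\' returned a count of ' . htmlspecialchars((string) $count, ENT_QUOTES) . '">' . htmlspecialchars(stripslashes($local_name), ENT_QUOTES) . '</a>&nbsp;';
     }
     $cloud_html = join("\n", $cloud_tags) . "\n";
     return $cloud_html;
 }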