function get_pulse_detail_from_id($conn) { $type = POST('type'); $pulse = POST('pulse'); $id = POST('id'); ossim_valid($type, 'alarm|event|alarm_event', 'illegal:' . _('Type')); ossim_valid($pulse, OSS_HEX, 'illegal:' . _('Pulse')); ossim_valid($id, OSS_HEX, 'illegal:' . _('ID')); if (ossim_error()) { Av_exception::throw_error(Av_exception::USER_ERROR, ossim_get_error_clean()); } if ($type == 'alarm') { $pulse = Alarm::get_pulse_data_from_alarm($conn, $id, $pulse, TRUE); } elseif ($type == 'event') { $pulse = Siem::get_pulse_data_from_event($conn, $id, $pulse, FALSE, TRUE); } elseif ($type == 'alarm_event') { $pulse = Siem::get_pulse_data_from_event($conn, $id, $pulse, TRUE, TRUE); } return array('name' => $pulse['name'], 'descr' => $pulse['descr'], 'iocs' => array_values($pulse['iocs'])); }
throw new Exception(_("Error retrieving the asset data from memory")); } $db = new ossim_db(); $conn = $db->connect(); $class_name = get_class($asset_object); // DATA // Network or Group Hosts if ($asset_type == 'net' || $asset_type == 'group') { $asset_hosts_data = $asset_object->get_hosts($conn, array(), TRUE); $response['hosts'] = $asset_hosts_data[1]; } // Software $services_data = $asset_object->get_services($conn); $response['software'] = $services_data[1]; // Users $users_data = $asset_object->get_users($conn); $response['users'] = $users_data[1]; // Vulns $vuln_count = $class_name::get_vulnerability_number($conn, $asset_id); $response['vulns'] = $vuln_count; // Alarms list($alarms, $total) = $class_name::get_alarms($conn, $asset_id, 0, 1); // Just 1 result, we need the total count $response['alarms'] = $total > 0 ? _('Yes') : _('No'); // Events $has_events = Siem::has_events($conn, $asset_type, $asset_id); $response['events'] = $has_events ? _('Yes') : _('No'); echo json_encode($response); $db->close(); /* End of file get_snapshot.php */ /* Location: ./asset_details/ajax/get_snapshot.php */
$max = intval(GET('limit')); $max = $max ? $max : 50; ossim_valid($type, 'alarm|event', 'illegal:' . _("Type")); ossim_valid($search, OSS_NULLABLE, OSS_NOECHARS, OSS_ALPHA, OSS_SCORE, OSS_PUNC, 'illegal:' . _("Search")); if (ossim_error()) { die; } $db = new ossim_db(TRUE); //Remote DataBases if ($type == 'event' && is_array($_SESSION['server']) && $_SESSION['server'][0] != '') { $conn = $db->custom_connect($_SESSION["server"][0], $_SESSION["server"][2], $_SESSION["server"][3]); } else { $conn = $db->connect(); } if ($type == 'event') { $unique_pulses = Siem::get_unique_pulses($conn); } else { if ($type == 'alarm') { $unique_pulses = Alarm::get_unique_pulses($conn); } else { $unique_pulses = array(); } } $pulses = array(); if (count($unique_pulses) > 0) { try { $otx = new Otx(); list($total, $p_list) = $otx->get_pulse_list(array('page' => 0, 'page_rows' => -1)); foreach ($p_list as $p) { $p_id = Util::uuid_format_nc($p['id']); $p_name = trim($p['name']);
if (ossim_error()) { die(ossim_error()); } $db = new ossim_db(TRUE); $conn = $db->connect(); $p_list = array(); $r_list = array(); if ($type == 'alarm') { $p_list = Alarm::get_alarm_pulses($conn, $id, TRUE); $r_list = Alarm::get_alarm_reputation($conn, $id, TRUE); } elseif ($type == 'event') { $p_list = Siem::get_event_pulses($conn, $id, FALSE, TRUE); $r_list = Siem::get_event_reputation($conn, $id, FALSE, TRUE); } elseif ($type == 'alarm_event') { $p_list = Siem::get_event_pulses($conn, $id, $event_alarm, TRUE); $r_list = Siem::get_event_reputation($conn, $id, TRUE, TRUE); } $otx_info = array('type' => $type, 'id' => $id, 'pulse_list' => $p_list, 'rep_list' => $r_list); $db->close(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title><?php echo _('Open Threat Exchange Configuration'); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <meta http-equiv="Pragma" content="no-cache"/>