// Excerpt from the middle of a conditional: the `if` that owns the first two calls
// opens before the visible text, and the final `if ($addr_type == 2) {` runs past it.
    qroPrintEntry(gettext("unknown"));
    qroPrintEntry(gettext("N/A"), "center", "middle");
} else {
    // Location lookup for the address; only the 'html_icon' key is read here.
    $geo_info = Asset_host::get_extended_location($_conn, $geoloc, $currentIP);
    if ($geo_info['html_icon'] != '') {
        $country_img = $geo_info['html_icon'] . ' ';
        // Keep only what follows "/ossim" inside src='...' and append it to $current_url.
        // preg_replace() returns its subject unchanged when the pattern does not match,
        // so in that case the whole icon markup ends up in $slnk.
        $slnk = $current_url . preg_replace("/.*src\\='\\/ossim([^']+)'.*/", "\\1", $country_img);
    } else {
        $country_img = "";
        $slnk = "";
    }
    // Wrapper <div> for the address cell. $currentIP, $host_id and the ctx value
    // (the current $ctx when Session::show_entities() is true, otherwise the default
    // context) are concatenated into attribute values as-is.
    // NOTE(review): no escaping is visible in this excerpt; confirm these values are
    // validated or HTML-escaped before they reach this point.
    $div = '<div id="' . $currentIP . ';' . $currentIP . ';' . $host_id . '" ctx="' . (Session::show_entities() ? $ctx : Session::get_default_ctx()) . '" class="HostReportMenu" style="padding:0px 0px 0px 25px">'; //'.getrepbgcolor($prio,1).'
    $bdiv = '</div>';
    // NOTE(review): the '</A> ' literal suggests BuildAddressLink() emits the opening
    // anchor tag; confirm against its definition.
    qroPrintEntry($div . $country_img . " " . BuildAddressLink($currentIP, 32) . $currentIP . '</A> ' . $bdiv, 'left', '', 'nowrap');
    // The reputation image gets its own centred cell.
    qroPrintEntry(getrepimg($prio, $rel, $act, $currentIP), "center", "middle");
}
if ($resolve_IP == 1) {
    // NOTE(review): the helper's return value is printed without escaping here. If it
    // is a resolved host name it is externally influenced; verify that the helper or
    // qroPrintEntry() encodes it for HTML.
    qroPrintEntry(' ' . baseGetHostByAddr($currentIP, $ctx, $db) . ' ');
}
/* Print # of Occurrences */
// Base URLs for the two drill-down pages.
// NOTE(review): gettext("Query DB") is placed in the query string without
// urlencode(), so a translated label containing reserved characters would change
// the URL; confirm the label is always URL-safe.
$tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1';
$tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&sort_order=occur_d';
// $addr_type == 1 builds the criteria with BuildSrcIPFormVars(); NULL_IP stands in
// for the address when $no_ip is set.
if ($addr_type == 1) {
    if ($no_ip) {
        $url_criteria = BuildSrcIPFormVars(NULL_IP);
    } else {
        $url_criteria = BuildSrcIPFormVars($currentIP);
    }
} else {
    if ($addr_type == 2) {
*/
// Excerpt: the block comment closed above starts before the visible text, and the
// final `} else {` runs past it.
if ($no_ip) {
    qroPrintEntry(gettext("unknown"));
} else {
    // Location lookup for the address; only the 'html_icon' key is read here.
    $geo_info = Asset_host::get_extended_location($_conn, $geoloc, $currentIP);
    if ($geo_info['html_icon'] != '') {
        $country_img = $geo_info['html_icon'] . ' ';
        // Keep only what follows "/ossim" inside src='...' and append it to $current_url.
        // preg_replace() returns its subject unchanged when the pattern does not match,
        // so in that case the whole icon markup ends up in $slnk.
        $slnk = $current_url . preg_replace("/.*src\\='\\/ossim([^']+)'.*/", "\\1", $country_img);
    } else {
        $country_img = "";
        $slnk = "";
    }
    // Wrapper <div> for the address cell; $currentIP and $host_id are concatenated
    // into the id attribute as-is.
    // NOTE(review): no escaping is visible in this excerpt; confirm these values are
    // validated or HTML-escaped before they reach this point.
    $div = '<div id="' . $currentIP . ';' . $currentIP . ';' . $host_id . '" class="HostReportMenu" style="padding:0px 0px 0px 25px">'; // '.getrepbgcolor($prio,1).'
    $bdiv = '</div>';
    // One cell holds the country icon, the address link and the reputation image.
    // NOTE(review): the '</A> ' literal suggests BuildAddressLink() emits the opening
    // anchor tag; confirm against its definition.
    qroPrintEntry($div . $country_img . ' ' . BuildAddressLink($currentIP, 32) . $currentIP . '</A> ' . getrepimg($prio, $rel, $act, $currentIP) . $bdiv, 'left', '', 'nowrap');
}
if ($resolve_IP == 1) {
    // NOTE(review): the helper's return value is printed without escaping here. If it
    // is a resolved host name it is externally influenced; verify that the helper or
    // qroPrintEntry() encodes it for HTML.
    qroPrintEntry(' ' . baseGetHostByAddr($currentIP, $ctx, $db) . ' ');
}
/* Print # of Occurrences */
// Base URLs for the two drill-down pages.
// NOTE(review): gettext("Query DB") is placed in the query string without
// urlencode(), so a translated label containing reserved characters would change
// the URL; confirm the label is always URL-safe.
$tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1';
$tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&sort_order=occur_d';
// Source and destination criteria are built separately; NULL_IP stands in for the
// address when $no_ip is set.
if ($no_ip) {
    $url_criteria_src = BuildSrcIPFormVars(NULL_IP);
} else {
    $url_criteria_src = BuildSrcIPFormVars($currentIP);
}
if ($no_ip) {
    $url_criteria_dst = BuildDstIpFormVars(NULL_IP);
} else {
<th>' . gettext("Dst MAC") . '</th> </TR> <TR> <TD nowrap>'
    . $idm_data["src_userdomains"] . '</TD> <TD nowrap>'
    . $idm_data["src_hostname"] . '</TD> <TD nowrap>'
    . $idm_data["src_mac"] . '</TD> <TD nowrap>'
    . $idm_data["dst_userdomains"] . '</TD> <TD nowrap>'
    . $idm_data["dst_hostname"] . '</TD> <TD nowrap>'
    . $idm_data["dst_mac"] . '</TD> </TR> </TABLE> </div> </div> ';
// The statement that ends above starts before this excerpt (inside a string literal).
// Its visible part places six $idm_data fields (user/domain, host name and MAC for
// source and destination) directly between <TD> tags.
// NOTE(review): no escaping is visible here. These fields describe identities taken
// from event data, so confirm they are HTML-escaped where $idm_data is populated;
// otherwise encode them at this point.

// Reputation image and background colour for each side, derived from the rep_*
// entries of $idm_data. The second argument to getrepbgcolor() is always 1 here.
$src_img = getrepimg($idm_data["rep_prio_src"], $idm_data["rep_rel_src"], $idm_data["rep_act_src"], $current_sip);
$dst_img = getrepimg($idm_data["rep_prio_dst"], $idm_data["rep_rel_dst"], $idm_data["rep_act_dst"], $current_dip);
$src_bgcolor = getrepbgcolor($idm_data["rep_prio_src"], 1);
$dst_bgcolor = getrepbgcolor($idm_data["rep_prio_dst"], 1);
// Header row of the REPUTATION sub-table. The echo continues past the end of this
// excerpt, so the remaining columns and the data row are not visible.
echo '<br/> <div class="siem_detail_table"> <div class="siem_detail_subsection">' . _('REPUTATION') . '</div> <div class="siem_detail_subcontent"> <TABLE class="table_list"> <TR><!-- REPUTATION Subtitle missing --> <th>'
    . gettext("Source Address") . '</th> <th>'
    . gettext("Priority") . '</th> <th>'
    . gettext("Reliability") . '</th> <th>'
    . gettext("Activity") . '</th> <th>'
    . gettext("Destination Address") . '</th> <th>'
    . gettext("Priority") . '</th> <th>'
    . gettext("Reliability") . '</th>
}
// Excerpt: the brace above closes a block that opens before the visible text, and the
// two `if` blocks opened below are still open where the excerpt ends.
// Alignment of the source-address columns.
$cell_align['IP_PORTSRC'] = "left";
$cell_align['IP_SRC'] = "left";
$cell_align['PORT_SRC'] = "center";
// The FQDN column is filled only when the current custom view lists it.
if (in_array("IP_SRC_FQDN", $_SESSION['views'][$_SESSION['current_cview']]['cols'])) {
    $cell_data['IP_SRC_FQDN'] = baseGetHostByAddr($current_sip, $ctx, $db);
    $cell_align['IP_SRC_FQDN'] = "center";
}
// 6- Destination IP Address
if ($current_dip32 != "") {
    // Dst Data
    $dst_output = Asset_host::get_extended_name($_conn, $geoloc, $current_dip, $ctx, $current_dst_host, $myrow["dst_net"]);
    $dst_name = $dst_output['name'];
    $homelan_dst = $dst_output['is_internal'];
    $dst_img = $dst_output['html_icon'];
    $rep_dst_icon = getrepimg($myrow["REP_PRIO_DST"], $myrow["REP_REL_DST"], $myrow["REP_ACT_DST"], $current_dip);
    // Div for right click menu
    // Warning: ctx could be ctx_dst
    // NOTE(review): the addresses, $dst_name, $current_dst_host, both dates and $ctx
    // are concatenated into attribute values as-is; no escaping is visible in this
    // excerpt, so confirm each is validated or HTML-escaped upstream.
    $div = '<div id="' . $current_dip . ';' . $dst_name . ';' . $current_dst_host . '" date_from="' . $date_from_aux . '" date_to="' . $date_to_aux . '" id2="' . $current_sip . ';' . $current_dip . '" ctx="' . $ctx . '" class="HostReportMenu">';
    $bdiv = '</div>';
    // IDM: User, Domain, and more data
    if ($idm_enabled && $myrow["dst_userdomain"] != "") {
        // Tooltip text: the raw IDM fields from $myrow wrapped in <b> markup.
        $idmtxt = _("IDM Username@domain") . ": <b>" . $myrow["dst_userdomain"] . "</b><br>" . _("IDM Hostname") . ": <b>" . $myrow["dst_hostname"] . "</b><br>" . _("IDM MAC") . ": <b>" . $myrow["dst_mac"] . "</b><br>" . _("IDM IP") . ": <b>{$current_dip}</b>";
        // dst_userdomain is split on ", " into one entry per user@domain pair.
        $dip_aux = explode(", ", $myrow["dst_userdomain"]);
        $dip_lnk = "";
        foreach ($dip_aux as $userdomain) {
            // Overwrites $myrow["dst_username"] / $myrow["dst_domain"] on every pass.
            // explode() yields a single element when $userdomain has no "@", which
            // leaves the domain slot unset for that entry.
            list($myrow["dst_username"], $myrow["dst_domain"]) = explode("@", $userdomain);
            // Both parts are URL-encoded before they go into the query string.
            $dip_where = '&idm_username%5B1%5D=both&idm_username%5B0%5D=' . urlencode($myrow["dst_username"]) . '&idm_domain%5B1%5D=both&idm_domain%5B0%5D=' . urlencode($myrow["dst_domain"]);
            // NOTE(review): "¤t_view" in the literal below looks like an entity-decoding
            // artefact of "&current_view" on this page; verify against the original file.
            $f_url = Menu::get_menu_url('base_qry_main.php?new=2&num_result_rows=-1&submit=Query+DB¤t_view=-1' . $dip_where, 'analysis', 'security_events', 'security_events');
            // One link per user@domain pair, comma-separated.
            // NOTE(review): $idmtxt is entity-encoded only as a whole for the txt
            // attribute. If the script that reads txt inserts it as HTML, the raw IDM
            // fields inside it are interpreted as markup, so confirm they are escaped
            // before being wrapped in <b>. $userdomain (link text) and $f_url (href)
            // are concatenated without escaping in this excerpt; confirm both are safe.
            $dip_lnk .= ($dip_lnk != "" ? ", " : "") . '<a class="trlnk idminfo" txt="' . Util::htmlentities($idmtxt, ENT_QUOTES) . '" style="color:navy;' . ($homelan_dst ? "font-weight:bold;" : "") . 'text-decoration:none" href="' . $f_url . '">' . $userdomain . '</a>';
        }