function system_add_credentials()
{
if (!isset($_POST['AddCredentials'])) {
$details = new stdClass();
$details->system_id = intval($this->uri->segment(3, 0));
if (!is_int($details->system_id) or $details->system_id == 0) {
redirect('main/list_devices');
}
$this->load->model("m_system");
$this->data['system_id'] = $details->system_id;
$this->data['ip_address'] = ip_address_from_db($this->m_system->check_man_ip_address($details->system_id));
$this->data['heading'] = 'Add Device SNMP Credentials';
$this->data['include'] = 'v_add_system_c';
$this->load->view('v_template', $this->data);
} else {
$system_id = $_POST['system_id'];
$this->load->model("m_system");
$this->load->library('encrypt');
if ($_POST['snmp_community'] > '' and $_POST['snmp_version'] > '' and $_POST['ip_address'] > '') {
$encode['ip_address'] = $_POST['ip_address'];
$encode['snmp_version'] = $_POST['snmp_version'];
$encode['snmp_community'] = $_POST['snmp_community'];
$encoded = json_encode($encode);
$encoded = $this->encrypt->encode($encoded);
$this->m_system->update_system_man($system_id, 'access_details', $encoded);
if ($_POST['snmp_scan'] == TRUE) {
redirect('admin_system/system_snmp/' . $system_id);
} else {
redirect('main/system_display/' . $system_id);
}
} else {
redirect('admin_system/system_add_credentials/' . $system_id);
}
}
}
public function discover_subnet()
{
set_time_limit(600);
if (!isset($_POST['submit'])) {
// must be an admin to access this page
$this->load->model('m_oa_user');
$this->m_oa_user->validate_user();
if ($this->user->admin != 'y') {
if (isset($_SERVER['HTTP_REFERER']) and $_SERVER['HTTP_REFERER'] > "") {
redirect($_SERVER['HTTP_REFERER']);
} else {
redirect('main/list_groups');
}
}
$this->data['apppath'] = APPPATH;
$this->data['image_path'] = base_url() . 'theme-' . $this->user->theme . '/' . $this->user->theme . '-images/';
$this->load->model("m_oa_report");
$this->load->model('m_devices_components');
$this->data['menu'] = $this->m_oa_report->list_reports_in_menu();
// show the form to accept scan details
$this->data['type'] = "";
#$this->data['credentials'] = new stdClass();
if ($this->uri->segment(3) and $this->uri->segment(3)) {
if (is_numeric($this->uri->segment(3))) {
$this->data['system_id'] = $this->uri->segment(3);
#$this->data['credentials'] = $this->m_system->get_credentials($this->data['system_id']);
$this->data['ip_address'] = ip_address_from_db($this->m_devices_components->read($this->data['system_id'], 'y', 'system', '', 'ip'));
$this->data['type'] = 'device';
} else {
$this->data['system_id'] = "";
$this->data['ip_address'] = "";
$this->data['type'] = $this->uri->segment(3);
}
}
if ($this->uri->segment(4) and is_numeric($this->uri->segment(4))) {
$this->data['system_id'] = $this->uri->segment(4);
#$this->data['credentials'] = $this->m_system->get_credentials($this->data['system_id']);
$this->data['ip_address'] = ip_address_from_db($this->m_devices_components->read($this->data['system_id'], 'y', 'system', '', 'ip'));
}
if (!empty($this->data['system_id'])) {
$temp_system = $this->m_system->get_system_summary($this->data['system_id']);
$this->data['org_id'] = $temp_system[0]->org_id;
$this->data['location_id'] = $temp_system[0]->location_id;
unset($temp_system);
}
$this->load->model('m_oa_org');
$this->data['orgs'] = $this->m_oa_org->get_org_names();
$this->load->model('m_oa_location');
$this->data['locations'] = $this->m_oa_location->get_location_names();
$this->data['warning'] = '';
$sql = "SELECT COUNT(*) AS `count` FROM credentials";
$query = $this->db->query($sql);
$result = $query->result();
$row = $query->row();
if (isset($row->count) and intval($row->count) == 0) {
$this->data['warning'] = 'You do not have any credentials stored. Please create some using menu -> Admin -> Credentials -> Add Credential Set.';
}
$this->data['include'] = "v_discover_subnet";
$this->data['sortcolumn'] = '1';
$this->data['heading'] = 'Discovery';
$this->load->view('v_template', $this->data);
} else {
// process the scan details and call the discovery script
$this->load->model('m_oa_config');
$this->m_oa_config->load_config();
$this->load->helper('network_helper');
$return_var = "";
$output = "";
$display = '';
$timestamp = $this->config->config['timestamp'];
if ($this->input->post('debug') and strpos($_SERVER['HTTP_ACCEPT'], 'html')) {
$display = 'y';
echo "<pre>\n";
}
$credentials = new stdClass();
// all logging will be as below, only the message will change
$log_details = new stdClass();
$log_details->severity = 7;
$log_details->file = 'system';
$log_details->display = $display;
if (isset($_POST['subnet_range']) and $_POST['subnet_range'] > '') {
$subnet_range = $_POST['subnet_range'];
$credentials->ip = $_POST['subnet_range'];
} else {
$subnet_range = "";
}
$encode = array();
if (isset($_POST['limit']) and $_POST['limit'] != '' and is_numeric($_POST['limit'])) {
$encode['limit'] = (int) $_POST['limit'];
} else {
$encode['limit'] = 1000000;
}
$encode['count'] = 0;
$log_details->message = 'Discovery submitted for ' . $subnet_range;
stdlog($log_details);
// add to the list of blessed subnets
if (strpos($subnet_range, '/') !== false) {
$this->m_oa_config->update_blessed($subnet_range);
} else {
if (filter_var($subnet_range, FILTER_VALIDATE_IP) !== false) {
$temp = network_details($subnet_range . '/30');
$this->m_oa_config->update_blessed($temp->network . '/' . $temp->network_slash);
}
}
// we encode the supplied credentials and store them in the database
// the script will simply pass back the timestamp and the credentials will be retrieved and used
$this->load->library('encrypt');
if (isset($_POST['network_address']) and $_POST['network_address'] > '') {
$encode['network_address'] = $_POST['network_address'];
} else {
$encode['network_address'] = '';
}
if (isset($_POST['use_https']) and $_POST['use_https'] > '') {
$encode['use_https'] = $_POST['use_https'];
} else {
$encode['use_https'] = '';
}
if (isset($_POST['org']) and $_POST['org'] > '') {
$encode['org'] = $_POST['org'];
} else {
$encode['org'] = '';
}
if (isset($_POST['location']) and $_POST['location'] > '') {
$encode['location'] = $_POST['location'];
} else {
$encode['location'] = '';
}
if (isset($this->user->full_name)) {
$encode['last_user'] = $this->user->full_name;
} else {
$encode['last_user'] = '';
}
$encoded = json_encode($encode);
$credentials = $this->encrypt->encode($encoded);
$i = 0;
do {
if (strpos($credentials, "\"") != false) {
$credentials = $this->encrypt->encode($encoded);
} else {
$i = 1;
}
} while ($i = 0);
// TODO - fix this SQL with proper escaping
$sql = '/* discovery::discover_subnet */ INSERT INTO oa_temp (temp_id, temp_name, temp_value, temp_timestamp) VALUES (null, "Subnet Credentials - ' . $subnet_range . '", "' . $credentials . '", "' . $timestamp . '")';
$query = $this->db->query($sql);
$credentials = "";
// create a network group if provided a subnet that includes a slash in the string and
// auto create network is set in the config to 'y'
if (strpos($subnet_range, "/")) {
// we have a subnet_range - if it's not a /32, then test for a group
$subnet_split = explode("/", $subnet_range);
$subnet_details = network_details($subnet_split[0] . '/' . $subnet_split[1]);
if (!isset($this->config->config['network_group_subnet']) or $this->config->config['network_group_subnet'] == '') {
$net_group_subnet = '30';
} else {
$net_group_subnet = $this->config->config['network_group_subnet'];
}
if (isset($this->config->config['network_group_auto_create']) and $this->config->config['network_group_auto_create'] != 'n' and $subnet_split[1] < $net_group_subnet) {
// we want to auto create network groups
// test if a network group exists with the matching definition
$group_dynamic_select = "SELECT distinct(system.id) FROM system, ip WHERE ( ip.version = '4' AND ip.ip >= '" . ip_address_to_db($subnet_details->host_min) . "' and ip.ip <= '" . ip_address_to_db($subnet_details->host_max) . "' and ip.netmask = '" . $subnet_details->netmask . "' and ip.system_id = system.id and ip.current = 'y' and system.status = 'production') UNION SELECT distinct(system.id) FROM system WHERE (system.ip >= '" . ip_address_to_db($subnet_details->host_min) . "' and system.ip <= '" . ip_address_to_db($subnet_details->host_max) . "' and system.status = 'production')";
$start = explode(' ', microtime());
$sql = "/* discovery::discover_subnet */ SELECT * FROM oa_group WHERE group_dynamic_select = ? ";
$data = array($group_dynamic_select);
$query = $this->db->query($sql, $data);
if ($query->num_rows() > 0) {
// group exists - no need to do anything
} else {
// group does not exist - insert
$log_details->message = "Creating Group for {$subnet_range}";
stdlog($log_details);
$sql = "/* discovery::discover_subnet */ INSERT INTO oa_group (group_id, group_name, group_padded_name, group_dynamic_select, group_parent, group_description, group_category, group_icon) VALUES (null, ?, ?, ?, '1', ?, 'network', 'switch')";
$group_name = "Network - " . $subnet_details->network . ' / ' . $subnet_details->network_slash;
$group_padded_name = "Network - " . ip_address_to_db($subnet_details->network);
$data = array("{$group_name}", "{$group_padded_name}", "{$group_dynamic_select}", $subnet_details->network);
$query = $this->db->query($sql, $data);
$insert_id = $this->db->insert_id();
// We need to insert an entry into oa_group_user for any Admin level user
$sql = "/* discovery::discover_subnet */ INSERT INTO oa_group_user (SELECT null, oa_user.id, ?, '10' FROM oa_user WHERE admin = 'y')";
$data = array($insert_id);
$result = $this->db->query($sql, $data);
// now we update this specific group
// this accounts for if another system has a IP that would fall in this group, but was submitted
// without a subnet_range and no matching network group was previously created.
// update the group with all systems that match
$this->load->model('m_oa_group');
$this->m_oa_group->update_specific_group($insert_id);
}
}
}
if (php_uname('s') != 'Windows NT') {
$filepath = $this->config->config['base_path'] . '/other';
} else {
$filepath = $this->config->config['base_path'] . '\\other';
}
# if we are supplied a network address, use it
if (isset($_POST['network_address']) and $_POST['network_address'] > '') {
if (strpos($_POST['network_address'], '/')) {
$i = explode('/', base_url());
$temp_network_address = $i[2];
$url = str_replace($temp_network_address, $_POST['network_address'], base_url());
} else {
$url = 'http://' . $_POST['network_address'] . '/open-audit/';
}
# if not, check if we have on in the config and use it
} elseif (isset($this->config->config['default_network_address']) and $this->config->config['default_network_address'] > '') {
if (strpos($this->config->config['default_network_address'], '/')) {
$i = explode('/', base_url());
$temp_network_address = $i[2];
} else {
$temp_network_address = $this->config->config['default_network_address'];
}
$url = str_replace($temp_network_address, $this->config->config['default_network_address'], base_url());
# if nothing, then just try the base_url - this will likely use 127.0.0.1 and fail...
# TODO - fix this
} else {
$url = base_url();
}
unset($temp_network_address);
if (!empty($_POST['use_https'])) {
$url = str_ireplace('http://', 'https://', $url);
}
if (!empty($this->config->config['discovery_nmap_os'])) {
$nmap_os = $this->config->config['discovery_nmap_os'];
} else {
$nmap_os = 'n';
}
if (php_uname('s') != 'Windows NT') {
if ($subnet_range != '') {
if ($display == 'y') {
// run the script and wait for the output so we can echo it.
$command_string = "{$filepath}/discover_subnet.sh subnet_range={$subnet_range} url=" . $url . "index.php/discovery/process_subnet submit_online=n echo_output=y create_file=n debugging=0 subnet_timestamp=\"{$timestamp}\" os_scan=" . $nmap_os . " 2>&1";
@exec($command_string, $output, $return_var);
echo 'DEBUG - Command Executed: ' . $command_string . "\n";
echo 'DEBUG - Return Value: ' . $return_var . "\n";
echo "DEBUG - Command Output:\n";
$output_new = str_replace("<", "<", $output);
print_r($output_new);
if ($return_var != '0') {
$error = 'Discovery subnet starting script discover_subnet.sh (' . $subnet_range . ') has failed';
$log_details->message = $error;
stdlog($log_details);
} else {
$script_result = '';
foreach ($output as $line) {
$script_result .= $line . "\n";
}
$script_result = preg_replace('/\\s+/', ' ', $script_result);
$script_result = str_replace("> <", "><", $script_result);
$_POST['form_details'] = trim($script_result);
$this->process_subnet();
}
exit;
} else {
// run the script and continue (do not wait for result)
#$command_string = "nohup $filepath/discover_subnet.sh subnet_range=$subnet_range url=".$url."index.php/discovery/process_subnet submit_online=y echo_output=n create_file=n debugging=0 subnet_timestamp=\"$timestamp\" os_scan=" . $nmap_os . " > /dev/null 2>&1 &";
$command_string = "{$filepath}/discover_subnet.sh subnet_range={$subnet_range} url=" . $url . "index.php/discovery/process_subnet submit_online=y echo_output=n create_file=n debugging=0 subnet_timestamp=\"{$timestamp}\" os_scan=" . $nmap_os . " > /dev/null 2>&1 &";
if (php_uname('s') == 'Linux') {
$command_string = 'nohup ' . $command_string;
}
@exec($command_string, $output, $return_var);
if ($return_var != '0') {
$error = 'Discovery subnet starting script discover_subnet.sh (' . $subnet_range . ') has failed';
$log_details->message = $error;
stdlog($log_details);
} else {
$error = 'Discovery subnet starting script discover_subnet.sh (' . $subnet_range . ') has started';
$log_details->message = $error;
stdlog($log_details);
}
}
$command_string = null;
$output = null;
$return_var = null;
}
}
if (php_uname('s') == 'Windows NT') {
if ($subnet_range > '') {
if ($display == 'y') {
// run the script and wait for the output so we can echo it.
$command_string = "%comspec% /c start /b cscript //nologo {$filepath}\\discover_subnet.vbs subnet_range={$subnet_range} url=" . $url . "index.php/discovery/process_subnet submit_online=n echo_output=y create_file=n debugging=0 subnet_timestamp=\"{$timestamp}\" os_scan=" . $nmap_os;
@exec($command_string, $output, $return_var);
echo 'DEBUG - Command Executed: ' . $command_string . "\n";
echo 'DEBUG - Return Value: ' . $return_var . "\n";
echo "DEBUG - Command Output:\n";
$output_new = str_replace("<", "<", $output);
print_r($output_new);
if ($return_var != '0') {
$error = 'Discovery subnet starting script discover_subnet.vbs (' . $subnet_range . ') has failed';
$log_details->message = $error;
stdlog($log_details);
} else {
$script_result = '';
foreach ($output as $line) {
$script_result .= $line;
}
$script_result = preg_replace('/\\s+/', ' ', $script_result);
$script_result = str_replace("> <", "><", $script_result);
$_POST['form_details'] = $script_result;
$_POST['debug'] = true;
$this->process_subnet();
}
} else {
// run the script and continue (do not wait for result)
$command_string = "%comspec% /c start /b cscript //nologo {$filepath}\\discover_subnet.vbs subnet_range={$subnet_range} url=" . $url . "index.php/discovery/process_subnet submit_online=y echo_output=n create_file=n debugging=0 subnet_timestamp=\"{$timestamp}\" os_scan=" . $nmap_os;
pclose(popen($command_string, "r"));
}
}
}
unset($log_details);
if ($display != 'y') {
// redirect to the log page or the device details
if (isset($this->data['type']) and $this->data['type'] === 'device') {
// function was called from device details page - redirect back there
redirect('main/system_display/' . $this->data['system_id']);
} else {
// function was called from Discovery page, redirect to log viewer
redirect('admin/view_log');
}
}
}
}
public function system_summary()
{
# outputs a JSON formatted summary of an individual system
# designed to be called from Open-AudIT Enterprise
$this->load->model("m_system");
$this->data['id'] = $this->m_system->get_system_id($this->data['id']);
if ($this->data['id'] > '0') {
// we must check to see if the user has at least VIEW permission on the system
$this->data['access_level'] = $this->m_system->get_system_access_level($this->data['id'], $this->user->id);
if ($this->data['access_level'] < '1') {
// not even VIEW BASIC permission - redirect
redirect('main');
}
} else {
// not a valid system (id, hostname)
redirect('main');
}
$this->load->model("m_oa_location");
$this->load->model("m_oa_org");
$this->data['query'] = $this->m_system->system_summary($this->data['id']);
$this->data['query'][0]->ip = ip_address_from_db($this->data['query'][0]->ip);
print_r(json_encode($this->data['query']));
}
public function system_snmp()
{
// check to make sure we have SNMP capability
# TODO - provide a message saying SNMP extension not loaded
if (!extension_loaded('snmp')) {
redirect('main/list_devices');
}
$this->load->model("m_system");
$this->load->model("m_audit_log");
$this->load->model("m_devices_components");
$this->load->library('encrypt');
$this->load->helper('snmp');
$this->load->helper('snmp_oid');
$details = new stdClass();
$details->id = $this->uri->segment(3, 0);
$credentials = $this->m_devices_components->read($details->id, 'y', 'credential');
foreach ($credentials as $credential) {
if (!empty($credential->type) and $credential->type == 'snmp') {
break;
}
}
$details->hostname = $this->m_devices_components->read($details->id, 'y', 'system', '', 'hostname');
if ($details->hostname == '-') {
$details->hostname = '';
}
$details->ip = ip_address_from_db($this->m_devices_components->read($details->id, 'y', 'system', '', 'ip'));
$details->show_output = true;
# set up the pop up page
echo "<html>\n\t\t<head>\n\t\t<script type=\"text/javascript\">\n\t\twindow.onunload = refreshParent;\n\t\tfunction refreshParent()\n\t\t{\n\t\t\twindow.opener.location.reload();\n\t\t}\n\t\tfunction CloseMe()\n\t\t{\n\t\t\twindow.opener.location.reload();\n\t\t\twindow.close();\n\t\t}\n\t\t</script>\n\t\t</head>\n\t\t<body>\n\t\t<h3 style='text-align: center'>Open-AudIT SNMP Scan</h3>\n\t\t<p style='font-family: \"Verdana\",\"Lucida Sans Unicode\",\"Lucida Sans\",sans-serif; font-size: 12px;'>\n\t\t<pre>";
# audit the device via snmp
#if ($temp_array = get_snmp($details)) {
if ($temp_array = snmp_audit($details->ip, $credential->attributes, 'y')) {
if (!empty($temp_array['details'])) {
foreach ($temp_array['details'] as $key => $value) {
if (!empty($value)) {
$details->{$key} = $value;
}
}
$details->last_seen_by = 'snmp';
$details->audits_ip = '127.0.0.1';
}
} else {
echo "Error - nothing returned when SNMP routine executed.";
}
$network_interfaces = $temp_array['interfaces'];
$ip = $temp_array['ip'];
unset($guests);
if (isset($temp_array['guests']) and count($temp_array['guests']) > 0) {
$guests = $temp_array['guests'];
}
$modules = $temp_array['modules'];
$details->last_seen_by = 'snmp';
$details->last_seen = $this->config->config['timestamp'];
$details->last_user = $this->user->full_name;
$details->audits_ip = '127.0.0.1';
if ($this->config->item('discovery_use_dns') == 'y') {
$details = dns_validate($details, 'y');
}
#unset($details->type);
unset($details->show_output);
unset($details->ip);
echo "<pre>\n";
if (isset($details->snmp_oid) and $details->snmp_oid > '') {
$details->original_timestamp = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen');
$this->m_system->update_system($details);
if (isset($this->user->full_name)) {
$temp_user = $this->user->full_name;
} else {
$temp_user = '';
}
$this->m_audit_log->create($details->id, $temp_user, $details->last_seen_by, $details->audits_ip, '', '', $details->last_seen);
unset($temp_user);
# update any network interfaces and ip addresses retrieved by SNMP
$details->last_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen');
$details->first_seen = $this->m_devices_components->read($details->id, 'y', 'system', '', 'first_seen');
$details->original_last_seen_by = $this->m_devices_components->read($details->id, 'y', 'system', '', 'last_seen_by');
if (isset($network_interfaces) and is_array($network_interfaces) and count($network_interfaces) > 0) {
$input = new stdClass();
$input->item = array();
$input->item = $network_interfaces;
$this->m_devices_components->process_component('network', $details, $input, 'y');
}
if (isset($ip->item) and count($ip->item) > 0) {
$this->m_devices_components->process_component('ip', $details, $ip, 'y');
}
# insert any found virtual machines
if (isset($guests) and is_array($guests) and count($guests) > 0) {
$vm = new stdClass();
$vm->item = array();
$vm->item = $guests;
$this->m_devices_components->process_component('vm', $details, $vm, 'y');
}
# insert any modules
if (isset($modules) and is_array($modules) and count($modules) > 0) {
$input = new stdClass();
$input->item = array();
$input->item = $modules;
$this->m_devices_components->process_component('module', $details, $input, 'y');
}
// Generate any DNS entries required
$dns = new stdClass();
$dns->item = array();
$dns->item = $this->m_devices_components->create_dns_entries((int) $details->id);
if (count($dns->item) > 0) {
$this->m_devices_components->process_component('dns', $details, $dns, 'y');
}
unset($dns);
// insert a blank to indicate we're finished this part of the discovery
// if required, the audit scripts will insert their own audit logs
$this->m_audit_log->update('debug', '', $details->id, $details->last_seen);
} else {
echo "Audit NOT submitted.";
}
echo "<div align=\"center\"><input type=\"button\" value=\"Close\" onclick=\"CloseMe();\"/></div></p>\n</body>\n</html>";
}
</td>
<td><?php
echo print_something($key->system_audits_username);
?>
</td>
<td><?php
echo print_something($key->system_audits_type);
?>
</td>
<td><?php
echo print_something($key->timestamp);
?>
</td>
<?php
if (isset($key->system_audits_ip)) {
echo "<td><span style=\"display:none;\">" . print_something($key->system_audits_ip) . "</span>" . print_something(ip_address_from_db($key->system_audits_ip)) . "</td>\n";
} else {
echo "<td></td>";
}
?>
<td><?php
echo print_something($key->system_audits_time);
?>
</td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
function get_snmp($details)
{
$CI =& get_instance();
if (!isset($details->system_id) or $details->system_id == '') {
$details->snmp_community = 'public';
$details->snmp_version = '2c';
$details->snmp_port = '161';
} else {
$encrypted_access_details = $CI->m_system->get_access_details($details->system_id);
if ($encrypted_access_details == '') {
}
$decoded_access_details = $CI->encrypt->decode($encrypted_access_details);
$decoded_access_details = json_decode($decoded_access_details);
$details->snmp_community = @$decoded_access_details->snmp_community;
$details->snmp_version = @$decoded_access_details->snmp_version;
$details->snmp_port = @$decoded_access_details->snmp_port;
$details->man_ip_address = @$decoded_access_details->ip_address;
}
if (!isset($details->snmp_community) or $details->snmp_community == '') {
$details->snmp_community = 'public';
}
if (!isset($details->snmp_version) or $details->snmp_version == '') {
$details->snmp_version = '';
}
if (!isset($details->snmp_port) or $details->snmp_port == '') {
$details->snmp_port = '161';
}
# we may only have been given a system_id
# but if the access_details were completed, that may be enough
# if they weren't, we would at least need a hostname ot ip address
if (!isset($details->man_ip_address) and !isset($details->hostname)) {
return;
}
$module = new stdclass();
if ((!isset($details->hostname) or $details->hostname == '') and (isset($details->man_ip_address) and $details->man_ip_address != '' and $details->man_ip_address != '000.000.000.000' and $details->man_ip_address != '0.0.0.0')) {
$details->hostname = gethostbyaddr(ip_address_from_db($details->man_ip_address));
}
if ((!isset($details->man_ip_address) or $details->man_ip_address == '' or $details->man_ip_address == '0.0.0.0' or $details->man_ip_address == '000.000.000.000') and (isset($details->hostname) and $details->hostname != '')) {
$details->man_ip_address = gethostbyname($details->hostname);
}
if (filter_var($details->hostname, FILTER_VALIDATE_IP)) {
# we did not get a valid hostname back :-(
} else {
# we have a name of some sort
if (strpos($details->hostname, ".") !== FALSE) {
# fqdn - explode it
if (!isset($details->fqdn) or $details->fqdn == '') {
$details->fqdn = $details->hostname;
}
$i = explode(".", $details->hostname);
$details->hostname = $i[0];
if (!isset($details->domain) or $details->domain == '') {
unset($i[0]);
$details->domain = implode(".", $i);
}
} else {
# it's just a name
}
}
$timeout = '300000';
$retries = '2';
if (!extension_loaded('snmp')) {
return $details;
}
# test for SNMP version
# to do - test for v3
if ($details->snmp_version == '') {
if ($test_v1 = @snmpget($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.5.0", $timeout)) {
# ok, we have v1
$details->snmp_version = '1';
}
if ($test_v2 = @snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.5.0", $timeout)) {
# ok, we have v2
$details->snmp_version = '2c';
}
}
if ($details->snmp_version == '2c') {
snmp_set_oid_output_format(SNMP_OID_OUTPUT_NUMERIC);
// test for connectivity
$test_connect = @snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.5.0", $timeout, $retries);
if ($test_connect) {
// printer duplex
$details->printer_duplex = '';
$i = @snmp2_walk($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.43.13.4.1.10.1");
if (count($i) > 0) {
$details->printer_duplex = 'False';
for ($k = 0; $k < count($i); $k++) {
if (mb_strpos($i[$k], "Duplex") !== FALSE) {
$details->printer_duplex = 'True';
}
}
}
// sysObjectID
#$i = str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.1.0" ));
$details->snmp_oid = str_replace("OID: .", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.2.0"));
if (strtolower($details->snmp_oid) == 'no such object available on this agent at this oid') {
$details->snmp_oid = '';
}
if ($details->snmp_oid > '') {
$oid = get_oid($details->snmp_oid);
$details->manufacturer = $oid->manufacturer;
$details->man_manufacturer = $oid->manufacturer;
$details->model = $oid->model;
$details->man_model = $oid->model;
$details->type = $oid->type;
$details->device_type = $oid->type;
$details->man_type = $oid->type;
$details->os_group = $oid->os_group;
$details->man_os_group = $oid->os_group;
}
if ($details->snmp_oid == '1.3.6.1.4.1.8072.3.2.255') {
# a generic OID - take some guesses...
$i = str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.1.0"));
if (strpos($i, "Darwin Kernel Version 12") !== FALSE) {
# looks like an OSX device
$details->manufacturer = "Apple Inc";
}
}
if ($details->snmp_oid == '1.3.6.1.4.1.6876.4.1') {
# grab some specific details for VMware ESX
$model = str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.4.1.6876.1.1.0"));
$version = str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.4.1.6876.1.2.0"));
$details->model = $model . " (" . $version . ")";
$details->model = str_replace("\"", "", $details->model);
$details->man_model = $details->model;
$details->os_group = "VMware";
$details->man_os_group = "VMware";
$details->os_family = str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.4.1.6876.1.1.0"));
$details->os_family = str_replace("\"", "", $details->os_family);
$details->man_os_family = $details->os_family;
$details->os_name = str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.1.0"));
$details->os_name = str_replace("\"", "", $details->os_name);
$details->man_os_name = $details->os_name;
$details->type = 'computer';
$details->man_type = 'computer';
$details->device_type = 'computer';
$details->man_class = 'hypervisor';
}
if (substr($details->snmp_oid, 0, 13) == '1.3.6.1.4.1.9') {
# grab some Cisco specific details
$i = explode("\$", @snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.4.1.9.9.25.1.1.1.2.5"));
$details->os_version = trim($i[1]);
$i = @snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.4.1.9.9.25.1.1.1.2.7");
if (strpos($i, "IOS") !== FALSE) {
$details->os_group = 'Cisco';
$details->man_os_group = 'Cisco';
$details->os_family = 'Cisco IOS';
$details->man_os_family = 'Cisco IOS';
$details->os_name = "Cisco IOS version " . $details->os_version;
$details->man_os_name = "Cisco IOS version " . $details->os_version;
}
if (strpos($i, "Catalyst Operating") !== FALSE) {
$details->os_group = 'Cisco';
$details->man_os_group = 'Cisco';
$details->os_family = 'Cisco Catalyst OS';
$details->man_os_family = 'Cisco Catalyst OS';
$detail->os_name = "Cisco Catalyst OS version " . $details->os_version;
$detail->man_os_name = "Cisco Catalyst OS version " . $details->os_version;
}
}
// manufacturer
if (!isset($details->manufacturer) or $details->manufacturer == '') {
$hex = @snmp2_walk($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.43.8.2.1.14.1");
if (count($hex) > 0) {
if (isset($hex[1])) {
if (mb_strpos($hex[1], "Hex-STRING: ") !== FALSE) {
$hex[1] = str_replace("Hex-STRING: ", "", $hex[1]);
for ($i = 0; $i < strlen($hex[1]); $i++) {
$details->manufacturer .= chr(hexdec(substr($hex[1], $i, 2)));
}
} else {
$details->manufacturer = str_replace("STRING: ", "", $hex[1]);
$details->manufacturer = str_replace('"', '', $details->manufacturer);
}
}
}
if ($details->manufacturer == '' or $details->manufacturer == 'No Such Object available on this agent at this OID') {
$details->manufacturer = str_replace("\"", "", str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.47.1.1.1.1.12.1")));
}
}
if ($details->manufacturer == 'No Such Instance currently exists at this OID') {
$details->manufacturer = '';
}
if ($details->manufacturer == 'No Such Object available on this agent at this OID') {
$details->manufacturer = '';
}
// serial
if (!isset($details->serial) or $details->serial == '') {
# generic snmp
$details->serial = str_replace('"', '', str_replace("STRING: ", "", @snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.43.5.1.1.17.1")));
if ($details->serial == 'No Such Instance currently exists at this OID') {
$details->serial = '';
}
if ($details->serial == 'No Such Object available on this agent at this OID') {
$details->serial = '';
}
if ($details->serial == 'No Such Instance currently exists at this OID') {
$details->serial = '';
}
# Generic Cisco
if ($details->serial == '') {
$details->serial = str_replace("\"", "", str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.47.1.1.1.1.11.1")));
if ($details->serial == 'No Such Instance currently exists at this OID') {
$details->serial = '';
}
if ($details->serial == 'No Such Object available on this agent at this OID') {
$details->serial = '';
}
if ($details->serial == 'No Such Instance currently exists at this OID') {
$details->serial = '';
}
}
# Cisco 37xx stack
if ($details->serial == '') {
$details->serial = str_replace("\"", "", str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.4.1.9.5.1.2.19.0")));
if ($details->serial == 'No Such Instance currently exists at this OID') {
$details->serial = '';
}
if ($details->serial == 'No Such Object available on this agent at this OID') {
$details->serial = '';
}
if ($details->serial == 'No Such Instance currently exists at this OID') {
$details->serial = '';
}
}
# remove false
if ($details->serial == 'No Such Instance currently exists at this OID') {
$details->serial = '';
}
if ($details->serial == 'No Such Object available on this agent at this OID') {
$details->serial = '';
}
if ($details->serial == 'No Such Instance currently exists at this OID') {
$details->serial = '';
}
}
$details->man_serial = $details->serial;
// mac address
if (!isset($details->mac_address) or $details->mac_address == '') {
$interface_number = @str_replace("INTEGER: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.4.20.1.2." . $details->man_ip_address));
$details->mac_address = @str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.2.2.1.6." . $interface_number));
$details->mac_address = @trim(str_replace("Hex-", "", $details->mac_address));
$details->mac_address = @str_replace(" ", ":", $details->mac_address);
# need to split and join because of the dropped 0's
$i = explode(":", $details->mac_address);
for ($k = 0; $k < count($i); $k++) {
if (strlen($i[$k]) == 1) {
$i[$k] = '0' . $i[$k];
}
if (strlen($i[$k]) == 0) {
$i[$k] = '00';
}
}
$details->mac_address = strtoupper(implode(":", $i));
if ($details->mac_address == '00') {
$details->mac_address = '';
}
}
// type
if (!isset($details->type) or $details->type == '') {
$h = str_replace("OID: HOST-RESOURCES-TYPES::hrDevice", "", str_replace("STRING: ", "", @snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.25.3.2.1.2.1")));
if (strtolower($h) == 'no such object available on this agent at this oid' or $h == '') {
# If the device is a Switch, the OID 1.3.6.1.2.1.17.1.2.0 and OID 1.3.6.1.2.1.4.1.0 should have a value of 2
$i = str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.17.1.2.0"));
$j = str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.4.1.0"));
if ($i == '2' and $j == '2') {
$details->type = 'switch';
}
# If the device is a Router, the OID 1.3.6.1.2.1.4.1.0 should have a value of 1
if (!isset($details->type) or $details->type == '') {
$i = str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.4.1.0"));
if ($i == '1') {
$device->type = 'router';
}
}
# If the device is a Printer, the OID 1.3.6.1.2.1.43.5.1.1.1.1 should have a value
if (!isset($details->type) or $details->type == '') {
$i = str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.43.5.1.1.1.1"));
if ($i == '1') {
$device->type = 'printer';
}
}
}
}
if (isset($details->type) and $details->type != '' and (!isset($details->man_type) or $details->man_type == '')) {
$details->man_type = $details->type;
}
// model
if (!isset($details->model) or $details->model == '') {
$details->model = str_replace("STRING: ", "", @snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.25.3.2.1.3.1"));
if ($details->model == '' or $details->model == 'No Such Object available on this agent at this OID') {
if (strpos(strtolower($details->manufacturer), 'cisco') !== FALSE) {
$details->model = str_replace("\"", "", str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.47.1.1.1.1.13.1")));
}
}
}
if (strtolower($details->model) == 'no such object available on this agent at this oid') {
$details->model = '';
}
// name
if (!isset($details->sysname) or $details->sysname == '') {
$details->sysname = strtolower(str_replace("\"", "", str_replace("STRING: ", "", @snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.5.0"))));
}
if (strtolower($details->sysname) == 'no such object available on this agent at this oid') {
$details->sysname = '';
}
// description
if (!isset($details->description) or $details->description == '') {
$details->description = str_replace("\"", "", str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.1.0")));
$details->description = str_replace("\r\n", " ", $details->description);
}
if (strtolower($details->description) == 'no such object available on this agent at this oid') {
$details->description = '';
}
// uptime
if (!isset($details->uptime) or $details->uptime == '') {
$i = str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.3.0"));
if ($i > '' and strpos($i, ")") !== FALSE) {
$j = explode(")", $i);
$details->uptime = trim($j[1]);
} else {
$details->uptime = '';
}
}
// location
if (!isset($details->location) or $details->location == '') {
$details->location = str_replace("\"", "", str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.6.0")));
}
if ($details->location == 'Unknown (edit /etc/snmp/snmpd.conf)') {
$details->location = '';
}
if ($details->location == 'not set') {
$details->location = '';
}
if ($details->location == 'No Such Object available on this agent at this OID') {
$details->location = '';
}
if ($details->location > '') {
$details->description = "Location: " . $details->location . ". " . $details->description;
}
// contact
if (!isset($details->contact) or $details->contact == '') {
$details->contact = str_replace("\"", "", str_replace("STRING: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.4.0")));
}
if ($details->contact == 'Root (configure /etc/snmp/snmpd.conf)') {
$details->contact = '';
}
if ($details->contact == 'not set') {
$details->contact = '';
}
if ($details->contact > '') {
$details->description = "Contact: " . $details->contact . ". " . $details->description;
}
// subnet
if (!isset($details->subnet) or $details->subnet == '') {
$details->subnet = @str_replace("IpAddress: ", "", snmp2_get($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.4.20.1.3." . $details->man_ip_address));
}
if ($details->subnet == 'No Such Instance currently exists at this OID') {
$details->subnet = '';
}
if ($details->subnet == 'No Such Object available on this agent at this OID') {
$details->subnet = '';
}
/*
// installed modules with serial numbers
$i = @snmp2_walk($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.47.1.1.1.1.11");
if (count($i) > 0) {
if (($i[0] == 'No more variables left in this MIB View (It is past the end of the MIB tree)') or ($i[0] == '')){unset($i); $i = array();}
if (count($i) > 0) {
$count = 0;
for ($j=0; $j<count($i); $j++) {
if ((mb_strpos($i[$j], $details->serial) === FALSE) and ($i[$j] != "") and ($i[$j] != "\"\"")){
$k = $j + 1;
$k = "1.3.6.1.2.1.47.1.1.1.1.3." . $k;
$oid = snmp2_get($details->man_ip_address, $details->snmp_community, $k);
$oid = str_replace("OID: .", "", $oid);
$module->$count = get_oid($oid);
$module->$count->serial = str_replace("STRING: ", "", $i[$j]);
$module->$count->serial = str_replace('"', '', $module->$count->serial);
$count++;
}
}
$details->modules = $module;
}
}
*/
}
}
if ($details->snmp_version == '1') {
$details->snmp_oid = '';
$details->snmp_oid = str_replace("OID: .", "", snmpget($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.2.0"));
if (strtolower($details->snmp_oid) == 'no such object available on this agent at this oid') {
$details->snmp_oid = '';
}
if ($details->snmp_oid > '') {
$oid = get_oid($details->snmp_oid);
$details->manufacturer = $oid->manufacturer;
$details->man_manufacturer = $oid->manufacturer;
$details->model = $oid->model;
$details->man_model = $oid->model;
$details->type = $oid->type;
$details->device_type = $oid->type;
$details->man_type = $oid->type;
$details->os_group = $oid->os_group;
$details->man_os_group = $oid->os_group;
}
if ($details->oid == '1.3.6.1.4.1.714.1.2.6') {
# We have a Wyse thin client - some specifics.
$details->serial = str_replace("String: .", "", snmpget($details->man_ip_address, $details->snmp_community, "1.3.6.1.4.1.714.1.2.6.2.1.0"));
$details->sysname = str_replace("String: .", "", snmpget($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.5.0"));
$details->description = str_replace("String: .", "", snmpget($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.1.0"));
$details->contact = str_replace("String: .", "", snmpget($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.4.0"));
if ($details->contact > '') {
$details->description = "Contact: " . $details->contact . ". " . $details->description;
}
$details->location = str_replace("String: .", "", snmpget($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.6.0"));
if ($details->location > '') {
$details->description = "Location: " . $details->location . ". " . $details->description;
}
}
$interface_number = str_replace("INTEGER: ", "", @snmpget($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.4.20.1.2." . $details->man_ip_address));
$i = "1.3.6.1.2.1.2.2.1.6." . $interface_number;
$details->mac_address = snmpget($details->man_ip_address, $details->snmp_community, $i);
$details->mac_address = trim(str_replace("Hex-STRING: ", "", $details->mac_address));
$details->mac_address = str_replace(" ", ":", $details->mac_address);
$details->subnet = str_replace("IpAddress: ", "", snmpget($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.4.20.1.3." . $details->man_ip_address));
$details->hostname = trim(str_replace("\"", "", str_replace("STRING: ", "", snmpget($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.1.5.0"))));
$details->next_hop = str_replace("IpAddress: ", "", snmpget($details->man_ip_address, $details->snmp_community, "1.3.6.1.2.1.4.21.1.7.0.0.0.0"));
}
// update the system
#if ($details->snmp_version > '') {
#$CI2->m_system->process_snmp($details);
return $details;
#}
}
<th style="text-align: center;">Icon</th>
<th><?php echo __('System Name')?></th>
<th><?php echo __('DB Table')?></th>
<th><?php echo __('DB Action')?></th>
<th><?php echo __('Details')?></th>
<th width="150" align="middle" class='{sorter: false}'>
<button onclick="document.alertform.submit();"><?php echo __('Acknowledge') ?></button>
<input type="checkbox" valign="absmiddle" id="alert_id_0" name="alert_id_0" onchange="alter_all_alerts();"/>
</th>
</tr>
</thead>
<tbody>
<?php foreach ($query as $key): ?>
<tr>
<td><?php echo $key->{'change_log.timestamp'}?></td>
<td><span style="display: none;"><?php echo $key->ip?></span><?php echo ip_address_from_db($key->{'system.ip'})?></td>
<td style="text-align: center;"><img src="<?php echo $oa_theme_images ?>/16_<?php echo $key->{'system.icon'}; ?>.png" style='border-width:0px;' title="" alt=""/></td>
<td><a class="SystemPopupTrigger" rel="<?php echo intval($key->{'system.id'}); ?>" href="<?php echo base_url()?>index.php/main/system_display/<?php echo intval($key->{'system.id'})?>"><?php echo htmlentities($key->{'system.name'})?></a></td>
<td><?php echo htmlentities($key->{'change_log.db_table'})?></td>
<td><?php echo htmlentities($key->{'change_log.db_action'})?></td>
<td><?php echo htmlentities($key->{'change_log.details'})?></td>
<td align='center'><input type="checkbox" id="alert_id_<?php echo intval($key->{'change_log.id'})?>" name="alert_id_<?php echo intval($key->{'change_log.id'})?>" /></td>
</tr>
<?php endforeach;
?>
</tbody>
</table>
</form>
</div>
<?php
if ($row->$column_variable_name == "") {
$row->$column_variable_name = "unknown";
}
if ($column_align == '') {
$column_align = 'center';
}
if ($column->column_name == 'Icon') {
echo "\t\t\t<td style=\"text-align: center;\"><img src=\"".str_replace("index.php", "", site_url())."theme-tango/tango-images/16_".strtolower(str_replace(" ", "_", htmlentities($row->$column_variable_name))).".png\" style='border-width:0px;' title=\"".htmlentities($row->$column_variable_name_sec)."\" alt=\"".htmlentities($row->$column_variable_name_sec)."\" /></td>\n";
}
if ($column->column_name == 'Picture') {
echo "\t\t\t<td style=\"text-align: center;\"><img src=\"".str_replace("index.php", "", site_url())."device_images/".htmlentities($row->$column_variable_name).".jpg\" style='border-width:0px; height:100px' title=\"".htmlentities($row->$column_variable_name_sec)."\" alt=\"".htmlentities($row->$column_variable_name_sec)."\" /></td>\n";
}
break;
case "ip_address":
echo "\t\t\t<td style=\"text-align: $column_align;\"><span style=\"display: none;\">".htmlentities(str_replace(',', '', ip_address_to_db($row->$column_variable_name)))." </span>".htmlentities(ip_address_from_db($row->$column_variable_name))."</td>\n";
break;
case "multi":
echo "\t\t\t<td style=\"text-align: $column_align;\">".str_replace(", ", ",<br />", htmlentities($row->$column_variable_name))."</td>\n";
break;
case "timestamp":
echo "\t\t\t<td style=\"text-align: $column_align;\">".htmlentities($row->$column_variable_name)."</td>\n";
break;
case "url":
$href = '';
if ($column_variable_name_ter > '') {
$image = base_url()."theme-tango/tango-images/16_".htmlentities($column_variable_name_ter).".png";
} else {
var http = createRequestObject();
function display_credentials() {
<?php
if (isset($this->config->config['show_passwords']) and $this->config->config['show_passwords'] != 'y') {
$password_field = 'password';
} else {
$password_field = 'text';
}
if (isset($this->config->config['show_snmp_community']) and $this->config->config['show_snmp_community'] != 'y') {
$snmp_community_field = 'password';
} else {
$snmp_community_field = 'text';
}
?>
status_text="<p><label for='ip_address'><?php echo __("IP Address"); ?>: <\/label><input type='text' id='ip_address' name='ip_address' value='<?php if (isset($decoded_access_details->ip_address) and $decoded_access_details->ip_address > '') { echo $decoded_access_details->ip_address; } elseif (isset($system[0]->ip) and $system[0]->ip != '' and $system[0]->ip != '000.000.000.000' and $system[0]->ip != '0.0.0.0') { echo ip_address_from_db($system[0]->ip); } ?>' \/><\/p> \
<p><label for='snmp_version'><?php echo __("SNMP Version"); ?>: <\/label><input type='text' id='snmp_version' name='snmp_version' value='<?php if (isset($decoded_access_details->snmp_version) and $decoded_access_details->snmp_version > '') { echo $decoded_access_details->snmp_version; } else { echo '2c'; } ?>' \/><\/p> \
<p><label for='snmp_community'><?php echo __("SNMP Community"); ?>: <\/label><input type='<?php echo $snmp_community_field; ?>' id='snmp_community' name='snmp_community' value='<?php if (isset($decoded_access_details->snmp_community) and $decoded_access_details->snmp_community > '') { echo $decoded_access_details->snmp_community; } else { echo $this->config->item('default_snmp_community'); } ?>' \/><\/p> \
<p><label for='ssh_username'><?php echo __("SSH Username"); ?>: <\/label><input type='text' id='ssh_username' name='ssh_username' value='<?php echo $decoded_access_details->ssh_username; ?>' \/><\/p> \
<p><label for='ssh_password'><?php echo __("SSH Password"); ?>: <\/label><input type='<?php echo $password_field; ?>' id='ssh_password' name='ssh_password' value='<?php echo $decoded_access_details->ssh_password; ?>'\ /><\/p> \
<p><label for='windows_username'><?php echo __("Windows Username"); ?>: <\/label><input type='text' id='windows_username' name='windows_username' value='<?php echo $decoded_access_details->windows_username; ?>' \/><\/p> \
<p><label for='windows_password'><?php echo __("Windows Password"); ?>: <\/label><input type='<?php echo $password_field; ?>' id='windows_password' name='windows_password' value='<?php echo $decoded_access_details->windows_password; ?>' \/><\/p> \
<p><label for='windows_domain'><?php echo __("Windows Domain"); ?>: <\/label><input type='text' id='windows_domain' name='windows_domain' value='<?php if (isset($decoded_access_details->windows_domain) and $decoded_access_details->windows_domain > '') { echo $decoded_access_details->windows_domain; } elseif (isset($windows[0]->windows_domain_short)) { echo $windows[0]->windows_domain_short; } ?>' \/><\/p> \
<p><label for='submit'><?php echo __("Update Credentials"); ?>: <\/label><input type='submit' id='submit' name='submit' value='Submit' \/><\/p> \
<input type='hidden' id='system_id' name='system_id' value='<?php echo $system[0]->id; ?>' \/>";
document.getElementById("credentials").innerHTML = status_text;
}
function display_environment() {
status_text="<select id='environment' onchange='send_environment();'>\
<option value=' '><?php echo __("Choose an Environment"); ?><\/option>\
<thead>
<tr>
<td>ID</td>
<td>Icon</td>
<td>Type</td>
<td>Name</td>
<td>Domain</td>
<td>IP</td>
<td>Description</td>
<td>OS Family</td>
<td>Status</td>
</tr>
</thead>
<tbody>
<?php foreach ($this->response->devices as $item) { ?>
<tr>
<td><a href="devices/<?php echo htmlentities($item->id); ?>"><button type="button" class="btn btn-sm btn-success" aria-label="Left Align"><?php echo htmlentities($item->id); ?></button></a></td>
<td style="text-align: center;"><img src="<?php echo str_replace("index.php", "", site_url()); ?>device_images/<?php echo strtolower(str_replace(" ", "_", htmlentities($item->icon))); ?>.svg" style="border-width:0px; width:24px;" title="icon" alt="icon"/></td></td>
<td><?php echo $item->type; ?></td>
<td><?php echo $item->name; ?></td>
<td><?php echo $item->domain; ?></td>
<td><span style="display:none;"><?php echo $item->ip; ?></span><?php echo ip_address_from_db($item->ip); ?></td>
<td><?php echo $item->description; ?></td>
<td><?php echo $item->os_family; ?></td>
<td><?php echo $item->status; ?></td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
</div>
function export_nmis()
{
if (!isset($_POST['export'])) {
# show the list
$this->data['heading'] = 'Export to NMIS';
$this->data['include'] = 'v_export_nmis';
$this->data['export_report'] = 'y';
$this->data['sortcolumn'] = '1';
$this->load->model("m_systems");
$this->load->model("m_oa_group_column");
$this->data['column'] = $this->m_oa_group_column->get_group_column($this->data['id']);
$this->data['group_id'] = $this->data['id'];
$this->data['query'] = $this->m_systems->get_group_systems($this->data['id']);
$this->load->view('v_template', $this->data);
} else {
$device_array = array();
foreach ($_POST as $key => $value) {
if (strpos($key, 'system_id_') !== FALSE) {
$i = explode("_", $key);
if ($i[2] > 0) {
$device_array[] .= $i[2];
}
}
}
$this->load->model("m_system");
$this->load->model("m_oa_group");
$this->load->library('encrypt');
$csv = "name,host,community,version,group,collect,role,net\n";
$query = array();
foreach ($device_array as $key => $value) {
$i = $this->m_system->export_nmis($value);
$query[] = $i[0];
}
foreach ($query as $device) {
if ($device->nmis_name == '' and $device->hostname > '') {
$device->nmis_name = $device->hostname;
}
if (filter_var($device->nmis_name, FILTER_VALIDATE_IP)) {
$device->nmis_name = ip_address_from_db($device->nmis_name);
}
$device->nmis_host = '';
if ($device->nmis_host == '' and $device->man_ip_address > '') {
$device->nmis_host = ip_address_from_db($device->man_ip_address);
}
if ($device->nmis_group == '') {
$device->nmis_group = 'Open-AudIT';
}
if ($device->nmis_role == '') {
$device->nmis_role = 'access';
}
$device->net = 'lan';
if ($device->access_details > '') {
$decoded = $this->encrypt->decode($device->access_details);
$decoded = json_decode($decoded);
$device->snmp_community = @$decoded->snmp_community;
$device->snmp_version = @$decoded->snmp_version;
$device->decoded = $decoded;
}
$device->snmp_version = @$device->snmp_version;
if ($device->snmp_version == '2c') {
$device->snmp_version = 'snmpv2c';
}
$device->snmp_community = @$device->snmp_community;
if ($device->snmp_community == '') {
$device->nmis_collect = 'false';
} else {
$device->nmis_collect = 'true';
}
unset($device->man_ip_address);
unset($device->hostname);
unset($device->fqdn);
unset($device->access_details);
$csv .= $device->nmis_name . "," . $device->nmis_host . "," . $device->snmp_community . "," . $device->snmp_version . "," . $device->nmis_group . "," . $device->nmis_collect . "," . $device->nmis_role . "," . $device->net . "\n";
}
$filename = '/usr/local/nmis8/conf/Nodes.open-audit';
$handle = fopen($filename, "w");
fwrite($handle, $csv);
fclose($handle);
$cmd = "/usr/local/nmis8/admin/import_nodes.pl csv={$filename} nodes=/usr/local/nmis8/conf/Nodes.nmis overwrite=true >> /usr/local/open-audit/other/open-audit.log 2>&1 &";
#echo $cmd;
exec($cmd);
#unlink($filename);
redirect('/admin/view_log');
}
}
/**
* [rss_report description].
*
* @param [type] $query [description]
*
* @return [type] [description]
*/
public function rss_report($query)
{
$this->load->helper('xml');
echo "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n";
echo "<rss version=\"2.0\" xmlns:dc=\"http://purl.org/dc/elements/1.1/\">\n";
echo "\t<channel>\n";
echo "\t\t<title>Open-AudIT</title>\n";
echo "\t\t<link>" . current_url() . "</link>\n";
echo "\t\t<description>" . $this->data['heading'] . "</description>\n";
echo "\t\t<language>" . $this->user->lang . "</language>\n";
foreach ($query as $details) {
$title = '';
$description = '';
echo "\t\t<item>\n";
foreach ($details as $attribute => $value) {
$value = html_entity_decode($value);
$category = '';
if ((string) $attribute === 'ip') {
$value = ip_address_from_db($value);
}
if ((string) $attribute === 'timestamp') {
$temp2 = strtotime($value);
$pub_date = date('D, d M Y h:i:s O', $temp2);
$description .= 'PubDate: ' . $pub_date . '<br />';
}
if ((string) $attribute === 'alert_details') {
$title .= $value;
$temp1 = explode('-', $value);
$category = trim($temp1[0]);
$description .= 'Category: ' . $category . "<br />\n";
}
if ((string) $attribute === 'system_id') {
$link = $value;
}
if ((string) $attribute === 'hostname') {
$title = strtoupper($value) . ' ' . $title;
}
$description .= $attribute . ': ' . $value . '<br />';
}
echo "\t\t\t<title><![CDATA[" . $title . "]]></title>\n";
echo "\t\t\t<pubDate>" . $pub_date . "</pubDate>\n";
echo "\t\t\t<link>" . site_url() . '/main/system_display/' . $link . "</link>\n";
echo "\t\t\t<description><![CDATA[" . $description . "]]></description>\n";
echo "\t\t\t<category>" . $category . "</category>\n";
echo "\t\t\t<dc:creator><![CDATA[\"Mark Unwin\" <*****@*****.**>]]></dc:creator>\n";
echo "\t\t</item>\n";
}
echo " </channel>\n</rss>\n";
header('Content-Type: application/rss+xml');
if ((string) $this->config->item('download_reports') === 'download') {
header('Content-Disposition: attachment;filename="' . $this->data['heading'] . '.rss"');
header('Cache-Control: max-age=0');
}
}
public function process_component($table = '', $details, $input, $display = 'n', $match_columns = array())
{
$create_alerts = $this->m_oa_config->get_config_item('discovery_create_alerts');
$delete_noncurrent = @$this->m_oa_config->get_config_item('delete_noncurrent');
$log_details = new stdClass();
$log_details->message = '';
$log_details->severity = 7;
$log_details->file = 'system';
if ($display != 'y') {
$display = 'n';
}
$log_details->display = $display;
unset($display);
if (empty($details->name) and !empty($details->hostname)) {
$name = $details->hostname;
} else {
$name = $details->name;
}
// ensure we have a valid table name
if (!$this->db->table_exists($table)) {
$log_details->message = 'Table supplied does not exist (' . $table . ') for '.@ip_address_from_db($details->ip).' ('.$name.')';
$log_details->severity = 5;
stdlog($log_details);
return;
}
if (!$input) {
$log_details->message = 'No input supplied (' . $table . ') for '.@ip_address_from_db($details->ip).' ('.$name.')';
$log_details->severity = 5;
stdlog($log_details);
return;
}
if (!isset($match_columns) or count($match_columns) == 0) {
$match_columns = $this->match_columns($table);
}
if ($table == '' or count($match_columns) == 0 or !isset($details->id)) {
if ($table == '') {
$log_details->message = 'No table supplied for '.@ip_address_from_db($details->ip).' ('.$name.')';
$message = "No table name supplied - failed";
}
if (count($match_columns) == 0) {
$log_details->message = 'No columns to match supplied for '.@ip_address_from_db($details->ip).' ('.$name.')';
$message = "$table - No columns to match supplied - failed";
}
# if (!isset($details->id)) { # this will be changed when we convert the system table
if (!isset($details->id)) {
$log_details->message = 'No id supplied for '.@ip_address_from_db($details->ip).' ('.$name.')';
$message = "$table - No id supplied - failed";
}
$this->m_audit_log->update('debug', $message, $details->id, $details->last_seen);
unset($message);
$log_details->severity = 5;
stdlog($log_details);
return;
} else {
$this->m_audit_log->update('debug', "$table - start", $details->id, $details->last_seen);
$log_details->message = 'Processing component (' . $table . ') start for '.@ip_address_from_db($details->ip).' ('.$name.')';
$log_details->severity = 7;
stdlog($log_details);
}
// make sure we have an entry for each match column, even if it's empty
foreach ($match_columns as $match_column) {
for ($i=0; $i<count($input->item); $i++) {
if (isset($input->item[$i]) and !isset($input->item[$i]->$match_column)) {
$input->item[$i]->$match_column = '';
}
}
}
### IP ADDRESS ###
if ((string)$table == 'ip') {
for ($i=0; $i<count($input->item); $i++) {
# some devices may provide upper case MAC addresses - ensure all stored in the DB are lower
$input->item[$i]->mac = strtolower($input->item[$i]->mac);
# As at 1.5.6 we pass an additional attribute called 'type' for bonded adapters
# We use this to test and not pad the MAC address if set
if (!isset($input->item[$i]->type)) {
$input->item[$i]->type = '';
}
# calculate the network this address is on (assuming we have an ip AND subnet)
if (isset($input->item[$i]->ip) and $input->item[$i]->ip != '' and isset($input->item[$i]->netmask) and $input->item[$i]->netmask != '' and $input->item[$i]->netmask != '0.0.0.0') {
$temp_long = ip2long($input->item[$i]->netmask);
$temp_base = ip2long('255.255.255.255');
$temp_subnet = 32-log(($temp_long ^ $temp_base)+1,2);
$net = network_details($input->item[$i]->ip.'/'.$temp_subnet);
if (isset($net->network) and $net->network != '') {
#$input->item[$i]->network = $net->network.' / '.$temp_subnet;
$input->item[$i]->network = $net->network.'/'.$temp_subnet;
} else {
$input->item[$i]->network = '';
}
if (isset($net->network_slash) and $net->network_slash != '') {
$input->item[$i]->cidr = $net->network_slash;
} else {
$input->item[$i]->cidr = '';
}
unset($temp_long);
unset($temp_base);
unset($temp_subnet);
unset($net);
}
if ($input->item[$i]->type != 'bonded') {
if (isset($input->item[$i]->mac) and $input->item[$i]->mac != '') {
$mymac = explode(":", $input->item[$i]->mac);
for ($j = 0; $j<count($mymac); $j++) {
$mymac[$j] = mb_substr("00".$mymac[$j], -2);
}
if (count($mymac) > 0) {
$input->item[$i]->mac = implode(":", $mymac);
}
}
}
if (!isset($input->item[$i]->version) or $input->item[$i]->version != '6') {
$input->item[$i]->version = 4;
}
# ensure we have the correctly padded ip v4 address
if ($input->item[$i]->version == 4) {
$input->item[$i]->ip = ip_address_to_db($input->item[$i]->ip);
}
if (!isset($input->item[$i]->ip) or $input->item[$i]->ip == '') {
unset($input->item[$i]);
}
# ensure we add the network to the networks list
if (!empty($input->item[$i]->network)) {
$this->m_oa_config->update_blessed($input->item[$i]->network);
}
}
if ($details->type == 'computer' and $details->os_group == 'VMware') {
# TODO - fix the below somewhow ?!??
# the issue is that ESXi provides different values for network cards from the command line and from SNMP
$sql = "DELETE FROM `ip` WHERE `ip`.`system_id` = ?";
$sql = $this->clean_sql($sql);
$data = array($details->id);
$query = $this->db->query($sql, $data);
# set the below so we don't generate alerts for this
$create_alerts = 'n';
}
}
### NETSTAT ###
if ((string)$table == 'netstat') {
$input = $this->format_netstat_data($input, $details);
}
### NETWORK ###
# depending on the device type we need to alter our matching columns for the network card
if ((string)$table == 'network') {
if ($details->type == 'computer' and $details->os_group != 'VMware') {
# we already match only on MAC Address
} elseif ($details->type == 'computer' and $details->os_group == 'VMware') {
# add index and connection id to the list to be matched
$match_columns[] = 'net_index';
$match_columns[] = 'connection';
# TODO - fix the below somewhow ?!??
# the issue is that ESXi provides different values for network cards from the command line and from SNMP
$sql = "DELETE FROM `network` WHERE `network`.`system_id` = ?";
$sql = $this->clean_sql($sql);
$data = array($details->id);
$query = $this->db->query($sql, $data);
# set the below so we don't generate alerts for this
$create_alerts = 'n';
} else {
# just match the index
$match_columns[] = 'net_index';
}
# some devices may provide upper case MAC addresses - ensure all stored in the DB are lower
for ($i=0; $i<count($input->item); $i++) {
if (isset($input->item[$i]->mac)) {
$input->item[$i]->mac = strtolower($input->item[$i]->mac);
} else {
$input->item[$i]->mac = '';
}
}
}
### PARTITION ###
# AIX needs to also match on partition.name
if ((string)$table == 'partition' and strtolower($details->os_family) == 'ibm aix') {
$match_columns[] = 'name';
}
### PROCESSOR ###
if ((string)$table == 'processor') {
$input->item[0]->description = str_ireplace('(R)', '', $input->item[0]->description);
$input->item[0]->description = str_ireplace('(TM)', '', $input->item[0]->description);
$input->item[0]->description = str_ireplace(' ', ' ', $input->item[0]->description);
$input->item[0]->manufacturer = str_ireplace('AuthenticAMD', 'AMD', $input->item[0]->manufacturer);
$input->item[0]->manufacturer = str_ireplace('GenuineIntel', 'Intel', $input->item[0]->manufacturer);
}
### SERVER ###
if ((string)$table == 'server') {
for ($i=0; $i<count($input->item); $i++) {
if (isset($input->item[$i]->version) and $input->item[$i]->version != '' and $input->item[$i]->type == 'database') {
$input->item[$i]->full_name = (string)$this->get_sql_server_version_string($input->item[$i]->version);
}
}
}
### SOFTWARE ###
# need to pad the version
if ((string)$table == 'software') {
for ($i=0; $i<count($input->item); $i++) {
if (isset($input->item[$i]->version) and $input->item[$i]->version != '') {
$pieces = array();
$pieces = preg_split("/[\s,\+\-\_\.\\\+\~]+/", $input->item[$i]->version);
$input->item[$i]->version_padded = (string)'';
foreach ($pieces as $piece) {
if (strlen($piece) > 10 ) {
$input->item[$i]->version_padded .= $piece;
} else {
$input->item[$i]->version_padded .= mb_substr("00000000000000000000".$piece, -10);
}
}
} else {
$input->item[$i]->version_padded = '';
}
}
}
### VIRTUAL MACHINE ###
if ((string)$table == 'vm') {
foreach ($input->item as $vm) {
if (!isset($vm->group)) {
$vm->group = '';
}
if (!isset($vm->guest_system_id)) {
$vm->guest_system_id = '';
}
if (!isset($vm->icon)) {
$vm->icon = '';
}
if (!isset($vm->uuid) or $vm->uuid == '') {
$vm->uuid = '';
} else {
$sql = "SELECT `system`.`id`, `system`.`icon` FROM `system` WHERE LOWER(`uuid`) = LOWER(?) and `system`.`status` = 'production'";
$sql = $this->clean_sql($sql);
$data = array("$vm->uuid");
$query = $this->db->query($sql, $data);
if ($query->num_rows() > 0) {
$row = $query->row();
$vm->guest_system_id = $row->system_id;
$vm->icon = $row->icon;
$sql = "UPDATE `system` SET `system`.`vm_server_name` = ?, `system`.`vm_system_id` = ? WHERE `system`.`id` = ?";
$sql = $this->clean_sql($sql);
$data = array("$details->name", "$details->id", $vm->guest_system_id);
$query = $this->db->query($sql, $data);
}
}
}
}
# make sure we have a populated org_id for adding items to the charts table
if (empty($details->org_id)) {
$sql = "SELECT `system`.`org_id` FROM `system` WHERE `system`.`id` = ?";
$sql = $this->clean_sql($sql);
$data = array($details->id);
$query = $this->db->query($sql, $data);
$row = $query->row();
$details->org_id = $row->org_id;
}
// get any existing current rows from the database
$sql = "SELECT *, '' AS updated FROM `$table` WHERE current = 'y' AND `$table`.`system_id` = ?";
$sql = $this->clean_sql($sql);
#$data = array($details->id); # this will be changed when we convert the system table
$data = array($details->id);
$query = $this->db->query($sql, $data);
$db_result = $query->result();
$alert = false;
if (count($db_result) != 0) {
// we have existing items in the database
// we should raise an alert where required
$alert = true;
}
// get the field list from the table
$fields = $this->db->list_fields($table);
// ensure we have a filtered array with only single copies of each $item
$items = array();
// for every input item
foreach ($input->item as $input_key => $input_item) {
$matched = 'n';
// loop through the building up item array
foreach ($items as $output_key => $output_item) {
// the matched count is the number of columns in the match_columns array
// that have equal values in our input items
$match_count = 0;
// loop through our match_columns array
for ($i = 0; $i < count($match_columns); $i++) {
// and test if the variables match
if ((string)$input_item->$match_columns[$i] == (string)$output_item->$match_columns[$i]) {
// they match so increment the count
$match_count ++;
}
}
if ($match_count == (count($match_columns))) {
// we have two matching items - combine them
foreach ($fields as $field) {
if ((!isset($output_item->$field) or $output_item->$field == '') and isset($input_item->$field) and $input_item->$field != '') {
$output_item->$field = (string) $input_item->$field;
}
}
$items[$output_key] = $output_item;
$matched = 'y';
}
}
if ($matched != 'y') {
// no match, add the input item to the item array
$items[] = $input_item;
}
}
// for each item from the audit
foreach ($items as $input_item) {
// set these flags on a per audit item basis
$flag = 'insert';
// compare the audit data against the rows from the DB
foreach ($db_result as $key => $db_item) {
// check for a match against the columns in $match_columns
$match_count = 0;
for ($i = 0; $i < count($match_columns); $i++) {
if ((string)$input_item->$match_columns[$i] == (string)$db_item->$match_columns[$i] and $db_item->updated != 'y') {
$match_count ++;
}
}
if ($match_count == (count($match_columns))) {
// UPDATE because all supplied columns match
$flag = 'update';
$sql = '';
// if we have an audit value, replace the DB value
foreach ($fields as $field) {
if (isset($input_item->$field) and $input_item->$field != '') {
$db_item->$field = (string) $input_item->$field;
}
$sql .= " `" . $table . "`.`" . $field . "` = ? , ";
}
// remove the trailing characters
$sql = substr($sql, 0, -2);
// set the last_seen column to the same as in $details (system table)
$db_item->last_seen = (string)$details->last_seen;
// update all values in the table
$sql = "UPDATE `$table` SET $sql WHERE `" . $table . "`.`id` = '" . $db_item->id . "'";
// make sure no data is in $data
unset ($data);
// populate $data with the values from the database, combined with those of the audit
// this is stored in $fields
$data = array();
foreach ($fields as $field) {
$data[] = (string)$db_item->$field;
}
$sql = $this->clean_sql($sql);
$query = $this->db->query($sql, $data);
// remove this item from the database array
// we will later update the remaining items with current = n
// don't deletre it yet as we need to account for multiple items that are the same
// typically in the Windows software listing
// unset($db_result[$key]);
$db_item->updated = 'y';
// set the $id so we can link to this row from graph, etc tables
$id = $db_item->id;
// stop the loop
break;
} else {
// no match - $flag = 'insert' stays unchanged
}
}
// we have looped through the database items
// INSERT because the $flag is set to insert
if ($flag == 'insert') {
# $input_item->system_id = $details->id; # this will be changed when we convert the system table
$input_item->system_id = $details->id;
$input_item->current = 'y';
$input_item->first_seen = (string)$details->last_seen;
$input_item->last_seen = (string)$details->last_seen;
$data = array();
$set_fields = '';
$set_values = '';
foreach ($input_item as $key => $value) {
foreach($fields as $field) {
if ($key == $field) {
$set_fields .= " `$key`, ";
$set_values .= " ?, ";
$data[] = "$value";
}
}
}
$set_fields = substr($set_fields, 0, -2);
$set_values = substr($set_values, 0, -2);
$sql = "INSERT INTO `$table` ( $set_fields ) VALUES ( $set_values ) ";
$sql = $this->clean_sql($sql);
$query = $this->db->query($sql, $data);
$id = $this->db->insert_id();
if ($alert and strtolower($create_alerts) == 'y') {
// We have existing items and this is a new item - raise an alert
$alert_details = '';
foreach ($match_columns as $key => $value) {
$alert_details .= $value . ' is ' . $input_item->$value . ', ';
}
$alert_details = substr($alert_details, 0, -2);
$alert_details = "Item added to $table - " . $alert_details;
if (!isset($details->last_seen) or $details->last_seen == '0000-00-00 00:00:00' or $details->last_seen =='') {
$sql = "SELECT last_seen FROM `system` WHERE id = ?";
$sql = $this->clean_sql($sql);
$data = array($details->id);
$query = $this->db->query($sql, $data);
$result = $query->result();
$details->last_seen = $result[0]->last_seen;
}
$sql = "INSERT INTO change_log (system_id, db_table, db_row, db_action, details, `timestamp`) VALUES (?, ?, ?, ?, ?, ?)";
$sql = $this->clean_sql($sql);
$data = array("$details->id", "$table", "$id", "create", "$alert_details", "$details->last_seen");
$query = $this->db->query($sql, $data);
# add a count to our chart table
$sql = "INSERT INTO chart (`when`, `what`, `org_id`, `count`) VALUES (DATE(NOW()), '" . $table . "_create', " . intval($details->org_id) . ", 1) ON DUPLICATE KEY UPDATE `count` = `count` + 1";
$sql = $this->clean_sql($sql);
$query = $this->db->query($sql);
}
}
if ((string)$table == 'partition') {
// insert an entry into the graph table
$used_percent = @intval(($input_item->used / $input_item->size) * 100);
$free_percent = @intval(100 - $used_percent);
$sql = "INSERT INTO graph VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$sql = $this->clean_sql($sql);
$data = array(intval($details->id), "$table", intval($id), "$table", intval($used_percent),
intval($free_percent), intval($input_item->used), intval($input_item->free), intval($input_item->size), "$details->last_seen");
$query = $this->db->query($sql, $data);
}
}
// remove the duplicated DB_items
foreach ($db_result as $key => $db_item) {
if ($db_item->updated) {
unset($db_result[$key]);
}
}
// we have now inserted or updated all items in the audit set
// we have also unset any items that were inserted (from the audit set above) from the db set
// any remaining rows in the db set should have their current flag set to n as they were not found in the audit set
if (count($db_result) > 0) {
$log_details->message = 'Inserting change logs (' . $table . ') for '.@ip_address_from_db($details->ip).' ('.$name.')';
$log_details->severity = 7;
stdlog($log_details);
}
foreach ($db_result as $db_item) {
if (strtolower($delete_noncurrent) == 'y') {
$sql = "DELETE FROM `$table` WHERE `id` = ?";
$sql = $this->clean_sql($sql);
$data = array($db_item->id);
$query = $this->db->query($sql, $data);
} else {
$sql = "UPDATE `$table` SET current = 'n' WHERE id = ?";
$sql = $this->clean_sql($sql);
$data = array($db_item->id);
$query = $this->db->query($sql, $data);
if (strtolower($create_alerts) == 'y') {
$alert_details = '';
foreach ($match_columns as $key => $value) {
$alert_details .= $value . ' is ' . $db_item->$value . ', ';
}
$alert_details = substr($alert_details, 0, -2);
$alert_details = "Item removed from $table - " . $alert_details;
if (!isset($details->last_seen) or $details->last_seen == '0000-00-00 00:00:00' or $details->last_seen =='') {
$sql = "SELECT last_seen FROM `system` WHERE id = ?";
$sql = $this->clean_sql($sql);
$data = array($details->id);
$query = $this->db->query($sql, $data);
$result = $query->result();
$details->last_seen = $result[0]->last_seen;
}
$sql = "INSERT INTO change_log (system_id, db_table, db_row, db_action, details, `timestamp`) VALUES (?, ?, ?, ?, ?, ?)";
$sql = $this->clean_sql($sql);
$data = array("$details->id", "$table", "$db_item->id", "delete", "$alert_details", "$details->last_seen");
$query = $this->db->query($sql, $data);
# add a count to our chart table
$sql = "INSERT INTO chart (`when`, `what`, `org_id`, `count`) VALUES (DATE(NOW()), '" . $table . "_delete', " . intval($details->org_id) . ", 1) ON DUPLICATE KEY UPDATE `count` = `count` + 1";
$sql = $this->clean_sql($sql);
$query = $this->db->query($sql);
}
}
}
// update the audit log
$this->m_audit_log->update('debug', "$table - end", $details->id, $details->last_seen);
$log_details->message = 'Processing component (' . $table . ') end for '.@ip_address_from_db($details->ip).' ('.$name.')';
$log_details->severity = 7;
stdlog($log_details);
return;
}
public function export_nmis()
{
if (!isset($_POST['submit'])) {
# show the list
$this->data['heading'] = 'Export to NMIS';
$this->data['include'] = 'v_export_nmis';
$this->data['export_report'] = 'y';
$this->data['sortcolumn'] = '1';
$this->load->model("m_systems");
$data = array($this->data['id']);
$query = $this->db->query('SET @group = ?', $data);
#$sql = "SELECT system.id, system.nmis_name, system.hostname, system.domain, system.fqdn, system.ip as nmis_host, '' as nmis_community, '' as nmis_version, system.nmis_group, 'true' as nmis_collect, system.nmis_role, '' as nmis_net, nmis_export, access_details FROM system LEFT JOIN oa_group_sys ON system.id = oa_group_sys.system_id WHERE oa_group_sys.group_id = @group GROUP BY system.id ORDER BY system.id";
$sql = "SELECT system.id, system.nmis_name, system.hostname, system.domain, system.fqdn, system.ip as nmis_host, '' as nmis_community, '' as nmis_version, system.nmis_group, 'true' as nmis_collect, system.nmis_role, '' as nmis_net, nmis_export, credential.credentials FROM system LEFT JOIN oa_group_sys ON system.id = oa_group_sys.system_id LEFT JOIN credential ON (credential.system_id = system.id AND credential.type = 'snmp') WHERE oa_group_sys.group_id = @group AND system.status = 'production' GROUP BY system.id ORDER BY system.id";
$query = $this->db->query($sql);
$this->data['query'] = $query->result();
$this->load->library('encrypt');
for ($i = 0; $i < count($this->data['query']); $i++) {
if ($this->data['query'][$i]->credentials != '') {
$j = json_decode($this->encrypt->decode($this->data['query'][$i]->credentials));
}
if ($this->data['query'][$i]->nmis_name == '') {
# need to create a nmis name
if ($this->data['query'][$i]->hostname != '') {
# hostname is our preferred choice
$this->data['query'][$i]->nmis_name = $this->data['query'][$i]->hostname;
} elseif ($this->data['query'][$i]->fqdn != '') {
# second choice is to use the FQDN
$this->data['query'][$i]->nmis_name = $this->data['query'][$i]->fqdn;
} elseif ($this->data['query'][$i]->hostname != '' and $this->data['query'][$i]->domain != '') {
# third - create the FQDN from the hostname + domain
$this->data['query'][$i]->nmis_name = $this->data['query'][$i]->hostname . $this->data['query'][$i]->domain;
} elseif ($this->data['query'][$i]->nmis_host != '') {
# lastly - use the ip address
$this->data['query'][$i]->nmis_name = ip_address_from_db($this->data['query'][$i]->nmis_host);
}
# ensure we don't have a name ending in a .
if (strrpos($this->data['query'][$i]->nmis_name, '.') == strlen($this->data['query'][$i]->nmis_name) - 1) {
$this->data['query'][$i]->nmis_name = substr($this->data['query'][$i]->nmis_name, 0, strlen($this->data['query'][$i]->nmis_name) - 1);
}
$this->data['query'][$i]->nmis_name = "<span style=\"color: blue;\">" . htmlentities($this->data['query'][$i]->nmis_name) . "</span>";
}
# nmis host
#$this->data['query'][$i]->nmis_host = ip_address_from_db($this->data['query'][$i]->nmis_host);
#if (isset($j->ip_address)) { $this->data['query'][$i]->nmis_host = $j->ip_address; }
if ($this->data['query'][$i]->fqdn != '') {
# first choice is to use the FQDN
$this->data['query'][$i]->nmis_host = $this->data['query'][$i]->fqdn;
} elseif ($this->data['query'][$i]->hostname != '' and $this->data['query'][$i]->domain != '') {
# second - create the FQDN from the hostname + domain
$this->data['query'][$i]->nmis_host = $this->data['query'][$i]->hostname . $this->data['query'][$i]->domain;
} elseif ($this->data['query'][$i]->nmis_host != '') {
# lastly - use the ip address
$this->data['query'][$i]->nmis_host = ip_address_from_db($this->data['query'][$i]->nmis_host);
}
# ensure we don't have a host ending in a .
if (strrpos($this->data['query'][$i]->nmis_host, '.') == strlen($this->data['query'][$i]->nmis_host) - 1) {
$this->data['query'][$i]->nmis_host = substr($this->data['query'][$i]->nmis_host, 0, strlen($this->data['query'][$i]->nmis_host) - 1);
}
# nmis group
if ($this->data['query'][$i]->nmis_group == '') {
$this->data['query'][$i]->nmis_group = "<span style=\"color: blue;\">Open-AudIT</span>";
}
# nmis role
if ($this->data['query'][$i]->nmis_role == '') {
$this->data['query'][$i]->nmis_role = "<span style=\"color: blue;\">core</span>";
}
# snmp community
if (isset($j->community)) {
$this->data['query'][$i]->nmis_community = $j->community;
}
if ($this->data['query'][$i]->nmis_community == '') {
$this->data['query'][$i]->nmis_community = "<span style=\"color: blue;\">public</span>";
}
# snmp version
if (isset($j->version)) {
$this->data['query'][$i]->nmis_snmp_version = $j->version;
}
if (!isset($this->data['query'][$i]->nmis_snmp_version) or $this->data['query'][$i]->nmis_snmp_version == '') {
$this->data['query'][$i]->nmis_snmp_version = "<span style=\"color: blue;\">2</span>";
}
$j = null;
}
$this->data['group_id'] = $this->data['id'];
$this->load->view('v_template', $this->data);
} else {
$device_array = array();
foreach ($_POST as $key => $value) {
if (strpos($key, 'system_id_') !== false) {
$i = explode("_", $key);
if (intval($i[2]) != 0) {
$device_array[] = $i[2];
}
}
}
$this->load->model("m_system");
$this->load->model("m_oa_group");
$this->load->library('encrypt');
$csv = "name,host,group,role,community,version\n";
$query = array();
$i = 0;
# I set $i = 0 so I could copy/paste the code from above :-)
foreach ($device_array as $key => $value) {
#$sql = "SELECT system.system_id, system.nmis_name, system.hostname, system.domain, system.fqdn, system.man_ip_address as nmis_host, '' as nmis_community, '' as nmis_version, system.nmis_group, 'true' as nmis_collect, system.nmis_role, '' as nmis_net, nmis_export, access_details FROM system WHERE system_id = ?";
$sql = "SELECT system.id, system.nmis_name, system.hostname, system.domain, system.fqdn, system.ip as nmis_host, '' as nmis_community, '' as nmis_version, system.nmis_group, 'true' as nmis_collect, system.nmis_role, '' as nmis_net, nmis_export, credential.credentials FROM system LEFT JOIN credential ON (system.id = credential.system_id AND credential.type = 'snmp') WHERE system.id = ?";
$data = array($value);
$query = $this->db->query($sql, $data);
$this->data['query'] = $query->result();
if ($this->data['query'][$i]->credentials != '') {
$j = json_decode($this->encrypt->decode($this->data['query'][$i]->credentials));
}
$this->data['query'][$i]->nmis_host = ip_address_from_db($this->data['query'][$i]->nmis_host);
# blank nmis name and populated hostname
if ($this->data['query'][$i]->nmis_name == '') {
# need to create a nmis name
if ($this->data['query'][$i]->hostname != '') {
# hostname is our preferred choice
$this->data['query'][$i]->nmis_name = $this->data['query'][$i]->hostname;
} elseif ($this->data['query'][$i]->fqdn != '') {
# second choice is to use the FQDN
$this->data['query'][$i]->nmis_name = $this->data['query'][$i]->fqdn;
} elseif ($this->data['query'][$i]->hostname != '' and $this->data['query'][$i]->domain != '') {
# third - create the FQDN from the hostname + domain
$this->data['query'][$i]->nmis_name = $this->data['query'][$i]->hostname . $this->data['query'][$i]->domain;
} elseif ($this->data['query'][$i]->nmis_host != '') {
# lastly - use the ip address
$this->data['query'][$i]->nmis_name = $this->data['query'][$i]->nmis_host;
}
}
# ensure we don't have a name ending in a .
if (strrpos($this->data['query'][$i]->nmis_name, '.') == strlen($this->data['query'][$i]->nmis_name) - 1) {
$this->data['query'][$i]->nmis_name = substr($this->data['query'][$i]->nmis_name, 0, strlen($this->data['query'][$i]->nmis_name) - 1);
}
# nmis host
#$this->data['query'][$i]->nmis_host = ip_address_from_db($this->data['query'][$i]->nmis_host);
#if (isset($j->ip_address)) { $this->data['query'][$i]->nmis_host = $j->ip_address; }
if ($this->data['query'][$i]->fqdn != '') {
# first choice is to use the FQDN
$this->data['query'][$i]->nmis_host = $this->data['query'][$i]->fqdn;
} elseif ($this->data['query'][$i]->hostname != '' and $this->data['query'][$i]->domain != '') {
# second - create the FQDN from the hostname + domain
$this->data['query'][$i]->nmis_host = $this->data['query'][$i]->hostname . $this->data['query'][$i]->domain;
}
# ensure we don't have a host ending in a .
if (strrpos($this->data['query'][$i]->nmis_host, '.') == strlen($this->data['query'][$i]->nmis_host) - 1) {
$this->data['query'][$i]->nmis_host = substr($this->data['query'][$i]->nmis_host, 0, strlen($this->data['query'][$i]->nmis_host) - 1);
}
# nmis group
if ($this->data['query'][$i]->nmis_group == '') {
$this->data['query'][$i]->nmis_group = "Open-AudIT";
}
# nmis role
if ($this->data['query'][$i]->nmis_role == '') {
$this->data['query'][$i]->nmis_role = "core";
}
# snmp community
if (!empty($j->community)) {
$this->data['query'][$i]->nmis_community = $j->community;
}
if (empty($this->data['query'][$i]->nmis_community)) {
$this->data['query'][$i]->nmis_community = 'public';
}
# snmp version
if (isset($j->snmp_version)) {
if ($j->snmp_version == '2') {
$j->snmp_version = '2c';
}
$this->data['query'][$i]->nmis_snmp_version = 'snmpv' . $j->version;
}
if (empty($this->data['query'][$i]->nmis_snmp_version)) {
$this->data['query'][$i]->nmis_snmp_version = "snmpv2c";
}
$j = null;
$csv .= $this->data['query'][$i]->nmis_name . "," . $this->data['query'][$i]->nmis_host . "," . $this->data['query'][$i]->nmis_group . "," . $this->data['query'][$i]->nmis_role . "," . $this->data['query'][$i]->nmis_community . "," . $this->data['query'][$i]->nmis_snmp_version . "\n";
}
if (!file_exists("/usr/local/nmis8/admin/import_nodes.pl")) {
echo $csv;
header('Content-Type: text/csv');
header('Content-Disposition: attachment;filename="Nodes.open-audit"');
header('Cache-Control: max-age=0');
} else {
$filename = '/usr/local/nmis8/conf/Nodes.open-audit';
$handle = fopen($filename, "w");
fwrite($handle, $csv);
fclose($handle);
$cmd = "/usr/local/nmis8/admin/import_nodes.pl csv={$filename} nodes=/usr/local/nmis8/conf/Nodes.nmis overwrite=true >> /usr/local/open-audit/other/log_system.log 2>&1 &";
exec($cmd);
redirect('/admin/view_log');
}
}
}
case "image":
if ($row->{$column_variable_name} == "") {
$row->{$column_variable_name} = "unknown";
}
if ($column_align == '') {
$column_align = 'center';
}
if ($column->column_name == 'Icon') {
echo "\t\t\t<td style=\"text-align: center;\"><img src=\"" . str_replace("index.php", "", site_url()) . "theme-tango/tango-images/16_" . strtolower(str_replace(" ", "_", $row->{$column_variable_name})) . ".png\" style='border-width:0px;' title=\"" . $row->{$column_variable_name_sec} . "\" alt=\"" . $row->{$column_variable_name_sec} . "\" /></td>\n";
}
if ($column->column_name == 'Picture') {
echo "\t\t\t<td style=\"text-align: center;\"><img src=\"" . str_replace("index.php", "", site_url()) . "device_images/" . $row->{$column_variable_name} . ".jpg\" style='border-width:0px; height:100px' title=\"" . $row->{$column_variable_name_sec} . "\" alt=\"" . $row->{$column_variable_name_sec} . "\" /></td>\n";
}
break;
case "ip_address":
echo "\t\t\t<td style=\"text-align: {$column_align};\"><span style=\"display: none;\">" . $row->man_ip_address . " </span>" . ip_address_from_db($row->man_ip_address) . "</td>\n";
break;
case "multi":
echo "\t\t\t<td style=\"text-align: {$column_align};\">" . str_replace(", ", ",<br />", $row->{$column_variable_name}) . "</td>\n";
break;
case "timestamp":
echo "\t\t\t<td style=\"text-align: {$column_align};\">" . $row->{$column_variable_name} . "</td>\n";
break;
case "url":
$href = '';
if ($column_variable_name_ter > '') {
$image = base_url() . "theme-tango/tango-images/16_" . $column_variable_name_ter . ".png";
} else {
$image = base_url() . "theme-tango/tango-images/16_browser.png";
}
if (isset($row->{$column_variable_name})) {
/**
* Insert a new device into the system table using whatever values we have and insert corresponding rows into the sys_edit_log table
*
* @param array $details the array of attributes from the system table
* @access public
*
* @return string $id which is the id of the device in the system table
*/
public function create(&$details)
{
# nasty hack because when a simplexmlobject is sent (ie, from audit_windows.vbs)
# the foreach iterators below don't work.
# if we cast it to an "object", it stays as a SimpleXMLObject and doesn't work
# because our XML is quite simple, we can cast it to an array and back to a 'normal'
# object and the foreach below works.
$details = (object) $details;
$details = (array) $details;
$details = (object) $details;
# this is an insert - we do NOT want a system.id
unset($details->id);
// get a name we can use
if (!empty($details->name)) {
$name = $details->name;
} elseif (!empty($details->hostname)) {
$name = $details->hostname;
$details->name = $details->hostname;
} elseif (!empty($details->sysName)) {
$name = $details->sysName;
$details->name = $details->sysName;
} elseif (!empty($details->dns_hostname)) {
$name = $details->dns_hostname;
$details->name = $details->dns_hostname;
}
if (!isset($details->ip)) {
$details->ip = '';
}
$log_details = new stdClass();
$log_details->message = 'System insert start for '.ip_address_from_db($details->ip).' ('.$name.')';
$log_details->severity = 7;
$log_details->file = 'system';
stdlog($log_details);
# remove some characters from the OS string
if ( ! empty($details->os_name)) {
$details->os_name = str_ireplace("(r)", "", $details->os_name);
$details->os_name = str_ireplace("(tm)", "", $details->os_name);
}
if (empty($details->status)) {
$details->status = 'production';
}
if (empty($details->type)) {
$details->type = 'unknown';
} else {
$details->type = strtolower($details->type);
}
if (empty($details->environment)) {
$details->environment = 'production';
}
# we now set a default location - 0 the location_id
if (!isset($details->location_id)) {
$details->location_id = '0';
}
# Set the form factor to virtual if required
if ( ! empty($details->manufacturer)) {
if ((strripos($details->manufacturer, "vmware") !== false) or
(strripos($details->manufacturer, "parallels") !== false) or
(strripos($details->manufacturer, "virtual") !== false)) {
if (!isset($details->class) or $details->class != 'hypervisor') {
$details->form_factor = 'Virtual';
}
}
}
if ( ! empty($details->model)) {
if (strripos($details->model, "bhyve") !== false) {
if (!isset($details->class) or $details->class != 'hypervisor') {
$details->form_factor = 'Virtual';
}
}
}
# Pad the IP address
if ( ! empty($details->ip)) {
$details->ip = ip_address_to_db($details->ip);
}
if ( ! empty($details->hostname) and ! empty($details->domain) and empty($details->fqdn)) {
$details->fqdn = $details->hostname.".".$details->domain;
}
$sql = "SHOW COLUMNS FROM system";
$query = $this->db->query($sql);
$columns = $query->result();
$sql = "INSERT INTO system ( ";
foreach ($details as $key => $value) {
if ($key > '') {
# need to iterate through available columns and only insert where $key == valid column name
foreach ($columns as $column) {
if ($key == $column->Field) {
$sql .= $key.", ";
}
}
}
}
$sql = mb_substr($sql, 0, mb_strlen($sql)-2);
$sql .= " ) VALUES ( ";
foreach ($details as $key => $value) {
if ($key > '') {
foreach ($columns as $column) {
if ($key == $column->Field) {
$sql .= "'".mysqli_real_escape_string($this->db->conn_id, str_replace('"', '', $value))."', ";
}
}
}
}
$sql = mb_substr($sql, 0, mb_strlen($sql)-2);
$sql .= ")";
$query = $this->db->query($sql);
$details->id = $this->db->insert_id();
// set the weight for these $details
$weight = $this->weight($details->last_seen_by);
// insert entries into the edit_log table for these $details columns
foreach ($details as $key => $value) {
if ($key > '') {
foreach ($columns as $column) {
if ($key == $column->Field) {
$sql = "INSERT INTO edit_log VALUES (NULL, 0, ?, '', ?, ?, 'system', ?, ?, ?, ?)";
$data = array("$details->id", "$details->last_seen_by", "$weight", "$key", "$details->last_seen", "$value", "");
$query = $this->db->query($sql, $data);
}
}
}
}
# update the device icon
$this->reset_icons($details->id);
# insert a subnet so we have a default
if (!isset($details->subnet) or $details->subnet == '') {
$details->subnet = '0.0.0.0';
}
$log_details->message = 'System insert end for '.ip_address_from_db($details->ip).' ('.$name.') (System ID '.$details->id.')';
stdlog($log_details);
unset($log_details);
return $details->id;
}
public function get_ip_details($details)
{
if ((!isset($details->hostname) or $details->hostname == '') and (isset($details->ip) and $details->ip != '' and $details->ip != '0.0.0.0' and $details->ip != '000.000.000.000')) {
# no hostname, get using ip address
$details->hostname = gethostbyaddr(ip_address_from_db($details->ip));
}
if ((!isset($details->ip) or $details->ip == '' or $details->ip == '0.0.0.0' or $details->ip == '000.000.000.000') and (isset($details->hostname) and $details->hostname != '')) {
# no ip address, get using hostname
$details->ip = gethostbyname($details->hostname);
}
if (isset($details->ip) and !filter_var($details->ip, FILTER_VALIDATE_IP)) {
# not a valid ip address - assume it's a hostname
$details->hostname = $details->ip;
$details->ip = gethostbyname($details->hostname);
}
if (isset($details->hostname) and filter_var($details->hostname, FILTER_VALIDATE_IP)) {
# we have an ip in the hostname field
$details->hostname = gethostbyaddr(ip_address_from_db($details->hostname));
}
}
#if ($system[0]->type == 'computer' and $system[0]->class != 'hypervisor') {
if ($system[0]->type == 'computer') {
include "v_display_inc_menu.php";
}
?>
</ul>
</div>
</fieldset>
</form>
</div>
<div id="content_column" style="margin-left: 200px;">
<?php
# special case formatting
$system[0]->ip = ip_address_from_db($system[0]->ip);
$system[0]->uptime = strTime($system[0]->uptime);
# create the individual summary sections
$summary_attributes = array('name' => 'text',
'hostname' => 'text' ,
'sysName' => 'text',
'ip' => 'text',
'domain' => 'text',
'fqdn' => 'text',
'type' => 'select',
'environment' => 'select',
'status' => 'select',
'description' => 'text',
'----' => '----',
'manufacturer' => 'text',
<th width="140"><?php
echo __('System Description');
?>
</th>
</tr>
</thead>
<tbody>
<?php
foreach ($query as $key) {
?>
<tr>
<td><span style="display: none;"><?php
echo $key->man_ip_address;
?>
</span><?php
echo ip_address_from_db($key->man_ip_address);
?>
</td>
<td><a class="SystemPopupTrigger" rel="<?php
echo $key->system_id;
?>
" href="<?php
echo base_url();
?>
index.php/main/system_display/<?php
echo $key->system_id;
?>
"><?php
echo $key->hostname;
?>
</a></td>
<tr>
<br />
<label for="submit"> </label><?php echo form_submit(array('id' => 'submit', 'name' => 'submit'), __('Submit') ); ?>
<br /><br /><label for="note"> </label><?php echo __('NOTE - To remove the contents of a field, insert a \'-\' (a dash or minus) into the field. Each device will have that fields contents set to an empty string.'); ?>
</fieldset>
<br /><br />
<fieldset id="system_details" class='niceforms'>
<legend><span style='font-size: 12pt;'> <?php echo __('System Details')?></span></legend>
<table cellspacing="1" class="tablesorter">
<thead>
<tr>
<th width="100"><?php echo __('IP address')?></th>
<th width="110"><?php echo __('System Name')?></th>
<th width="140"><?php echo __('System Description')?></th>
</tr>
</thead>
<tbody>
<?php foreach ($query as $key) {
?>
<tr>
<td><span style="display: none;"><?php echo htmlentities($key->ip)?></span><?php echo htmlentities(ip_address_from_db($key->ip))?></td>
<td><a href="<?php echo base_url()?>index.php/main/system_display/<?php echo intval($key->id)?>"><?php echo htmlentities($key->name)?></a></td>
<td><?php echo htmlentities($key->description)?></td>
</tr>
<?php } ?>
</tbody>
</table>
</fieldset>
</form>
</div>
?>
<label for="submit"> </label><input type="submit" name="submit" id="submit" value="<?php echo __('Submit'); ?>" />
</fieldset>
</form>
<br /><br />
<fieldset id="alert_details" class='niceforms'>
<legend><span style='font-size: 12pt;'> <?php echo __('Alert Details')?></span></legend>
<table cellspacing="1" class="tablesorter">
<thead>
<tr>
<th width="130"><?php echo __('Timestamp')?></th>
<th width="100"><?php echo __('IP address')?></th>
<th width="110"><?php echo __('System Name')?></th>
<th width="140"><?php echo __('System Description')?></th>
<th><?php echo __('Details')?></th>
</tr>
</thead>
<tbody>
<?php foreach ($query as $key): ?>
<tr>
<td><?php echo $key->timestamp?></td>
<td><span style="display: none;"><?php echo print_something($key->ip)?></span><?php echo ip_address_from_db(print_something($key->ip))?></td>
<td><a class="SystemPopupTrigger" rel="<?php echo $key->id;?>" href="<?php echo base_url()?>index.php/main/system_display/<?php echo $key->id?>"><?php echo print_something($key->name)?></a></td>
<td><?php echo print_something($key->description)?></td>
<td><?php echo print_something($key->details)?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</fieldset>
function rss_report($query)
{
$this->load->helper('xml');
echo "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n";
echo "<rss version=\"2.0\" xmlns:dc=\"http://purl.org/dc/elements/1.1/\">\n";
echo "\t<channel>\n";
echo "\t\t<title>Open-AudIT</title>\n";
echo "\t\t<link>" . current_url() . "</link>\n";
echo "\t\t<description>" . $this->data['heading'] . "</description>\n";
echo "\t\t<language>" . $this->session->userdata['user_lang'] . "</language>\n";
#echo "\t\t<dc:date>" . date('Y-m-d h:m:s') . "</dc:date>\n";
foreach ($query as $details) {
$title = "";
$description = "";
echo "\t\t<item>\n";
foreach ($details as $attribute => $value) {
$value = html_entity_decode($value);
$category = "";
if ($attribute == "man_ip_address") {
$value = ip_address_from_db($value);
}
if ($attribute == "timestamp") {
$temp2 = strtotime($value);
#echo "\t\t\t<pubDate>" . date('D, d M Y h:i:s', $temp2) . "</pubDate>\n";
$pub_date = date('D, d M Y h:i:s O', $temp2);
$description .= "PubDate: " . $pub_date . "<br />";
}
if ($attribute == "alert_details") {
$title .= $value;
$temp1 = explode("-", $value);
$category = trim($temp1[0]);
$description .= "Category: " . $category . "<br />\n";
}
if ($attribute == "system_id") {
$link = $value;
}
if ($attribute == "hostname") {
$title = strtoupper($value) . " " . $title;
}
$description .= $attribute . ": " . $value . "<br />";
#if ($attribute == "") {
#}
#echo "\t\t\t<" . $attribute . ">" . $value . "</" . $attribute . ">\n";
}
echo "\t\t\t<title><![CDATA[" . $title . "]]></title>\n";
echo "\t\t\t<pubDate>" . $pub_date . "</pubDate>\n";
echo "\t\t\t<link>" . site_url() . "/main/system_display/" . $link . "</link>\n";
echo "\t\t\t<description><![CDATA[" . $description . "]]></description>\n";
echo "\t\t\t<category>" . $category . "</category>\n";
echo "\t\t\t<dc:creator><![CDATA[\"Mark Unwin\" <*****@*****.**>]]></dc:creator>\n";
echo "\t\t</item>\n";
}
echo " </channel>\n</rss>\n";
header('Content-Type: text/xml');
header('Content-Disposition: attachment;filename="' . $this->data['heading'] . '.rss"');
header('Cache-Control: max-age=0');
}
function process_edit_systems()
{
if (!isset($_POST['submit'])) {
redirect('main/list_groups/');
}
$this->load->model("m_oa_group");
if (is_numeric($_POST['group_id'])) {
// we must check to see if the user has at least VIEW permission on the group
$this->data['user_access_level'] = $this->m_oa_group->get_group_access($_POST['group_id'], $this->data['user_id']);
if ($this->data['user_access_level'] < '10') {
// not enough permission - redirect
redirect('main/list_groups/');
}
} else {
redirect('main/list_groups/');
}
$this->load->model("m_system");
$this->load->library('encrypt');
$group_id = $_POST['group_id'];
$data['items'] = array();
foreach ($_POST as $key => $value) {
if (mb_strpos($key, 'man_') !== false && $value != '') {
$item = array($key, $value);
array_push($data['items'], $item);
$item = NULL;
}
}
$data['systems'] = array();
foreach ($_POST as $key => $value) {
if (mb_strpos($key, 'system_') !== false && $value != '') {
$item = array($key, $value);
array_push($data['systems'], $item);
$item = NULL;
}
}
# create the SNMP credentials
if ($_POST['snmp_community'] > '' and $_POST['snmp_version'] > '') {
foreach ($data['systems'] as $system) {
$encode['ip_address'] = ip_address_from_db($this->m_system->check_man_ip_address($system[1]));
# make sure the device in question actually has an ip address
if ($encode['ip_address'] > '' and $encode['ip_address'] != '0.0.0.0') {
$encode['snmp_version'] = $_POST['snmp_version'];
$encode['snmp_community'] = $_POST['snmp_community'];
$encoded = json_encode($encode);
$encoded = $this->encrypt->encode($encoded);
$this->m_system->update_system_man($system[1], 'access_details', $encoded);
}
}
}
foreach ($_POST as $field_name => $field_data) {
# input all the manual fields
if (mb_strpos($field_name, 'man_') !== false && $field_data != '') {
foreach ($data['systems'] as $system) {
$this->m_system->update_system_man($system[1], $field_name, $field_data);
}
}
}
foreach ($data['systems'] as $system) {
$details->system_id = $system[1];
$details->type = 'computer';
$this->m_oa_group->update_system_groups($details);
}
redirect('/main/list_devices/' . $group_id);
}
echo "\t\t\t<td align=\"{$colalign}\">" . htmlentities($key->{$colname}, ENT_QUOTES, "UTF-8") . "</td>\n";
} else {
echo "\t\t\t<td align=\"{$colalign}\">" . htmlentities($key->{$colname}, ENT_QUOTES, "UTF-8") . "</td>\n";
}
}
break;
}
break;
case "image":
if ($key->{$colname} == "") {
$key->{$colname} = "unknown";
}
echo "\t\t\t<td align=\"center\"><img src=\"" . $image_path . "16_" . $key->{$colname} . ".png\" style='border-width:0px;' title=\"" . $key->{$colname_sec} . "\" alt=\"" . $key->{$colname_sec} . "\" /></td>\n";
break;
case "ip_address":
echo "\t\t\t<td align=\"{$colalign}\"><span style=\"display: none;\">" . $key->man_ip_address . " </span>" . ip_address_from_db($key->man_ip_address) . "</td>\n";
break;
case "timestamp":
echo "\t\t\t<td align=\"{$colalign}\">" . $key->{$colname} . "</td>\n";
break;
case "url":
$href = '';
if ($colname_ter > '') {
$image = $image_path . "16_" . $colname_ter . ".png";
} else {
$image = $image_path . "16_browser.png";
}
if (isset($key->{$colname})) {
$href = str_replace("&", "&", str_replace("&", "&", $key->{$colname}));
}
if ($colname == '' && $collink > '') {
</th>
<th><?php
echo __('Status');
?>
</th>
</tr>
</thead>
<tbody>
<?php
foreach ($print_queue as $key) {
?>
<?php
if ($key->queue_ip_address == '') {
$ip_address = '';
} else {
$ip_address = ip_address_from_db($key->queue_ip_address);
}
?>
<tr>
<td><?php
echo $key->queue_name;
?>
</td>
<td><?php
echo $key->queue_model;
?>
</td>
<td><?php
echo $key->queue_manufacturer;
?>
</td>
function output_convert($data)
{
foreach ($data as $row) {
if (is_array($row)) {
$row = output_convert($row);
} elseif (is_object($row)) {
if (!empty($row->attributes)) {
foreach ($row->attributes as $key => $value) {
if (isset($key) and ($key == 'id' or $key == 'free' or $key == 'used' or $key == 'size' or $key == 'speed' or $key == 'total' or $key == 'col_order' or $key == 'access_level' or $key == 'count')) {
$row->attributes->{$key} = intval($value);
} elseif (strrpos($key, 'id') === strlen($key) - 2 or strrpos($key, 'count') === strlen($key) - 5 or strrpos($key, 'percent') === strlen($key) - 7 or strrpos($key, 'size') === strlen($key) - 4) {
$row->attributes->{$key} = intval($value);
} elseif (strrpos($key, 'ip') === strlen($key) - 2 or strrpos($key, 'next_hop') === strlen($key) - 8 or strrpos($key, 'destination') === strlen($key) - 11) {
$temp_name = $key . '_padded';
$row->attributes->{$temp_name} = ip_address_from_db($value);
$row->attributes->{$temp_name} = ip_address_to_db($row->attributes->{$temp_name});
$row->attributes->{$key} = ip_address_from_db($value);
if ($row->attributes->{$temp_name} == $row->attributes->{$key}) {
unset($row->attributes->{$temp_name});
}
}
}
}
}
}
return $data;
}
public function update_system($details, $display = 'n')
{
if (!isset($details->id) or $details->id == '') {
# this is an update - we need a system.id
return;
}
# nasty hack because when a simplexmlobject is sent (ie, from audit_windows.vbs)
# the foreach iterators below don't work.
# if we cast it to an "object", it stays as a SimpleXMLObject and doesn't work
# because our XML is quite simple, we can cast it to an array and back to a 'normal'
# object and the foreach below works.
$details = (object) $details;
$details = (array) $details;
$details = (object) $details;
if (isset($details->ip) and $details->ip != '') {
$temp_ip = $details->ip.' ';
} else {
$temp_ip = '';
}
$log_details = new stdClass();
$log_details->message = 'System update start for '.ip_address_from_db($temp_ip).'('.$details->hostname.') (System ID '.$details->id.')';
$log_details->severity = 7;
$log_details->file = 'system';
if ($display != 'y') {
$display = 'n';
}
$log_details->display = $display;
unset($display);
stdlog($log_details);
unset($temp_ip);
# If we have an ip address in the hostname field - see if we have other attributes available
if (filter_var($details->hostname, FILTER_VALIDATE_IP)) {
# try getting the dns hostname
$details->hostname = strtolower(gethostbyaddr($details->ip));
# make sure we use the hostname and not a fqdn if returned
if (strpos($details->hostname, ".") != false) {
if (!filter_var($details->hostname, FILTER_VALIDATE_IP)) {
# we got a FQDN back from DNS - split it up
$details->fqdn = strtolower($details->hostname);
$i = explode(".", $details->hostname);
$details->hostname = $i[0];
unset($i[0]);
$details->domain = implode(".", $i);
unset($i);
} else {
# we got an ip address back from DNS which is now the hostname
}
} else {
# we should have a real hostname if we get to here
}
}
if (filter_var($details->hostname, FILTER_VALIDATE_IP) and isset($details->sysName) and $details->sysName != '') {
# use the sysName from SNMP if set
$details->hostname = $details->sysName;
}
$sql = "SELECT name FROM system WHERE id = ?";
$sql = $this->clean_sql($sql);
$data = array("$details->id");
$query = $this->db->query($sql, $data);
$result = $query->row();
$db_name = $result->name;
if (empty($db_name)) {
if (!empty($details->hostname) != '' and empty($details->name)) {
$details->name = $details->hostname;
}
}
# if submitting an nmap scan, do not update the type or type
if (isset($details->last_seen_by) and $details->last_seen_by == 'nmap') {
unset($details->type);
} else {
if (!empty($details->type)) {
$details->type = strtolower($details->type);
}
}
# for removing existing symbols
if (isset($details->os_name)) {
$details->os_name = str_ireplace("(r)", "", $details->os_name);
$details->os_name = str_ireplace("(tm)", "", $details->os_name);
}
# we check a few items when we are submitting an audit script result
# if they are blank (previously submitted info is incomplete) we over write them
if (isset($details->last_seen_by) and ($details->last_seen_by == 'audit' or $details->last_seen_by == 'snmp' or $details->last_seen_by == 'ipmi')) {
$sql = "SELECT * FROM system WHERE id = ? LIMIT 1";
$sql = $this->clean_sql($sql);
$data = array("$details->id");
$query = $this->db->query($sql, $data);
$row = $query->row();
if (count($row) > 0) {
if (strlen($row->hostname) > 15 and isset($details->hostname) and strlen($details->hostname) == 15) {
unset($details->hostname);
}
if (isset($details->manufacturer) and (
(strripos($details->manufacturer, "vmware") !== false) or
(strripos($details->manufacturer, "parallels") !== false) or
(strripos($details->manufacturer, "virtual") !== false))) {
$details->form_factor = 'Virtual';
}
if ($row->icon != '') {
if (isset($details->icon)) {
unset($details->icon);
}
} else {
if (!isset($details->icon) or $details->icon == '') {
$details->icon = $details->type;
}
}
} // end of row count > 0
}
if (!isset($details->timestamp) or $details->timestamp == '') {
$details->timestamp = $this->config->config['timestamp'];
}
if (!isset($details->original_timestamp) or $details->original_timestamp == '') {
$sql = "SELECT last_seen FROM system WHERE id = ?";
$sql = $this->clean_sql($sql);
$data = array("$details->id");
$query = $this->db->query($sql, $data);
$row = $query->row();
$details->original_timestamp = $row->last_seen;
}
if (isset($details->ip)) {
$details->ip = ip_address_to_db($details->ip);
}
# if we don't have a real ip address, remove it
if ((isset($details->ip)) and
($details->ip == '' or
$details->ip == '0.0.0.0' or
$details->ip == '000.000.000.000')) {
unset($details->ip);
}
$fields = implode(' ', $this->db->list_fields('system'));
foreach ($details as $key => $value) {
if (($key != '') and ($value != '')) {
# need to iterate through available columns and only insert where $key == valid column name
if ($key != 'id' and stripos($fields, ' '.$key.' ') !== false) {
// OK, we have a valid attribute name ($key)
// get the current value
$sql = "SELECT `$key` AS `$key` FROM `system` WHERE `id` = ?";
$data = array(intval($details->id));
$query = $this->db->query($sql, $data);
$result = $query->result();
$previous_value = $result[0]->{$key};
# get the current entry in the edit_log
$sql = "SELECT * FROM `edit_log` WHERE `system_id` = ? AND `db_table` = 'system' AND `db_column` = ? ORDER BY `timestamp` DESC LIMIT 1";
$data = array(intval($details->id), "$key");
$query = $this->db->query($sql, $data);
$result = $query->result();
if (!empty($result[0]->weight)) {
$previous_weight = intval($result[0]->weight);
} else {
$previous_weight = 10000;
}
// calculate the weight
$weight = intval($this->weight($details->last_seen_by));
if ($weight <= $previous_weight and $value != $previous_value) {
if ($key != 'id' and $key != 'last_seen' and $key != 'last_seen_by' and $key != 'first_seen') {
// update the system table
$sql = "UPDATE `system` SET `" . $key . "` = ? WHERE id = ?";
$data = array((string)$value, intval($details->id));
$query = $this->db->query($sql, $data);
// insert an entry into the edit table
$columns_that_dont_get_edit_log = ' id sysUpTime uptime ';
if (stripos($columns_that_dont_get_edit_log, $key) === false) {
$sql = "INSERT INTO edit_log VALUES (NULL, ?, ?, 'Data was changed', ?, ?, 'system', ?, NOW(), ?, ?)";
$data = array(0, intval($details->id), (string)$details->last_seen_by, intval($weight), (string)$key, (string)$value, (string)$previous_value);;
$query = $this->db->query($sql, $data);
}
}
} else {
# We have an existing edit_log entry with a more important change - don't touch the `system`.`$key` value
}
}
}
}
if (!empty($details->last_seen_by)) {
$last_seen_by = $details->last_seen_by;
} else {
$last_seen_by = '';
}
if (!empty($details->last_seen)) {
$last_seen = $details->last_seen;
} else {
$last_seen = '';
}
$sql = "UPDATE system SET `last_seen_by` = ?, `last_seen` = ? WHERE id = ?";
$query = $this->db->query($sql, array((string)$last_seen_by, (string)$last_seen, intval($details->id)));
# finally, update the device icon
$this->m_system->reset_icons($details->id);
if (isset($details->mac_address) and $details->mac_address != '' and
isset($details->ip) and $details->ip != '' and
isset($details->subnet) and $details->subnet != '') {
# we need to check if we have an entry in `network`
# if we do not, but we have details (ex- an nmap device that previously existed but did not have a MAC, but now does)
# we need to insert it.
# ideally this would have already been done when the device was initially discovered, but we cannot count on that.
# need to check if an entry in `network` exists and if it does not AND we have details, insert something
# search for any entries in `ip`
$sql = "SELECT * FROM ip WHERE system_id = ? AND mac = ? AND current = 'y' AND ip = ?";
$sql = $this->clean_sql($sql);
$data = array("$details->id", "$details->mac_address", "$details->ip");
$query = $this->db->query($sql, $data);
$result = $query->result();
if (count($result) == 0) {
# no match - insert
$sql = "INSERT INTO ip (id, system_id, current, first_seen, last_seen, mac, net_index, ip, netmask, version, network, set_by) VALUES(NULL, ?, 'y', ?, ?, ?, '', ?, ?, '', '', '')";
$sql = $this->clean_sql($sql);
$data = array("$details->id", "$details->timestamp", "$details->timestamp", "$details->mac_address", "$details->ip", "$details->subnet");
$query = $this->db->query($sql, $data);
} else {
# match - update timestamp only
$sql = "UPDATE ip SET last_seen = ? WHERE system_id = ? AND mac = ? AND current = 'y' AND ip = ?";
$sql = $this->clean_sql($sql);
$data = array("$details->timestamp", "$details->id", "$details->mac_address", "$details->ip");
$query = $this->db->query($sql, $data);
}
}
if (isset($details->ip) and $details->ip != '') {
$temp_ip = $details->ip.' ';
} else {
$temp_ip = '';
}
# check if we have a matching entry in the vm table and update it if required
if (isset($details->uuid) and $details->uuid != '') {
if (!empty($details->serial)) {
# becauseWindows doesn't supply an identical UUID, but it does supply the required digits, make a UUID from the serial
# which is taken from Win32_ComputerSystemProduct.IdentifyingNumber
# Vmware supplies - 564d3739-b4cb-1a7e-fbb1-b10dcc0335e1
# audit_windows supples - VMware-56 4d 37 39 b4 cb 1a 7e-fb b1 b1 0d cc 03 35 e1
$windows_vm_uuid = str_ireplace('VMware-', '', $details->serial);
$windows_vm_uuid = str_ireplace('-', ' ', $windows_vm_uuid);
$windows_vm_uuid = strtolower($windows_vm_uuid);
$windows_vm_uuid = str_ireplace(' ', '', $windows_vm_uuid);
$windows_vm_uuid = substr($windows_vm_uuid, 0, 8) . '-'. substr($windows_vm_uuid, 8, 4) . '-' . substr($windows_vm_uuid, 12, 4) . '-' . substr($windows_vm_uuid, 16, 4) . '-' . substr($windows_vm_uuid, 20, 12);
} else {
$windows_vm_uuid = '';
}
$sql = "SELECT vm.id, vm.system_id AS 'vm_system_id', system.hostname AS 'vm_server_name' FROM vm, system WHERE LOWER(vm.uuid) = LOWER(?) OR LOWER(vm.uuid) = LOWER(?) AND vm.current = 'y' and vm.system_id = system.id and vm.uuid != ''";
$sql = $this->clean_sql($sql);
$data = array("$details->uuid", "$windows_vm_uuid");
$query = $this->db->query($sql, $data);
if ($query->num_rows() > 0) {
$row = $query->row();
$temp_vm_id = $row->id;
$details->vm_system_id = $row->vm_system_id;
$details->vm_server_name = $row->vm_server_name;
$sql = "SELECT icon FROM system WHERE system.id = ?";
$sql = $this->clean_sql($sql);
$data = array($details->id);
$query = $this->db->query($sql, $data);
$row = $query->row();
$details->icon = $row->icon;
$sql = "UPDATE vm SET guest_system_id = ?, icon = ? WHERE id = ?";
$sql = $this->clean_sql($sql);
$data = array($details->id, "$details->icon", "$temp_vm_id");
$query = $this->db->query($sql, $data);
$sql = "UPDATE system SET vm_system_id = ?, vm_server_name = ? WHERE id = ?";
$sql = $this->clean_sql($sql);
$data = array($details->vm_system_id, $details->vm_server_name, $details->id);
$query = $this->db->query($sql, $data);
}
}
if (empty($details->org_id)) {
$sql = "SELECT org_id FROM system WHERE id = ?";
$sql = $this->clean_sql($sql);
$data = array($details->id);
$query = $this->db->query($sql, $data);
$row = $query->row();
$details->org_id = $row->org_id;
}
# add a count to our chart table
$sql = "INSERT INTO chart (`when`, `what`, `org_id`, `count`) VALUES (DATE(NOW()), '" . $details->last_seen_by . "', " . $details->org_id . ", 1) ON DUPLICATE KEY UPDATE `count` = `count` + 1";
$sql = $this->clean_sql($sql);
$query = $this->db->query($sql);
$log_details->message = 'System update end for '.ip_address_from_db($temp_ip).'('.$details->hostname.') (System ID '.$details->id.')';
stdlog($log_details);
unset($log_details);
unset($temp_ip);
}
