Example #1
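/**
 * Print an HTML summary of the unique events recorded for one IP address.
 *
 * Emits a one-line total, then a table with one row per unique event:
 * signature, total occurrences, number of sensors, first and last occurrence.
 * Everything is written straight to the response; nothing is returned.
 *
 * @param mixed  $db Database handle, passed through unchanged to the lookup helpers.
 * @param string $ip Address to report on. It is entity-encoded on entry and only
 *                   the encoded form is used afterwards.
 */
function PrintEventsByIP($db, $ip)
{
    // Encode once at the boundary; every later use sees the encoded value.
    // NOTE(review): entity encoding is an HTML-output defence, not SQL escaping.
    // The lookup helpers below receive this value and are not visible here;
    // confirm they bind it as a parameter rather than concatenating it into SQL.
    $ip = Util::htmlentities($ip);
    $count = 0;

    /* Count total events for the given address */
    $event_cnt = EventCntByAddr($db, $ip);

    /* Grab unique alerts and count them */
    $unique_events = UniqueEventCntByAddr($db, $ip, $count);
    $unique_event_cnt = count($unique_events);

    // $ip is already entity-encoded above; encoding it a second time here
    // would double-escape it (e.g. "&amp;" becoming "&amp;amp;").
    printf("<B>" . gettext("%d unique events detected among %d events on %s") . "/32</B><BR>", $unique_event_cnt, $event_cnt, $ip);

    /* Print the Statistics on Each of the Unique Alerts */
    echo '<TABLE BORDER=0 class="table_list">
        <TR>
           <TD CLASS="headerbasestat">' . gettext("TCP Flags") . '</TD>
           <TD CLASS="headerbasestat">' . gettext("Total<BR> Occurrences") . '</TD>
           <TD CLASS="headerbasestat">' . gettext("Num of Sensors") . '</TD>
           <TD CLASS="headerbasestat">' . gettext("First<BR> Occurrence") . '</TD>
           <TD CLASS="headerbasestat">' . gettext("Last<BR> Occurrence") . '</TD>
        </TR>';

    for ($i = 0; $i < $unique_event_cnt; $i++) {
        $current_event = $unique_events[$i];

        $total = UniqueEventTotalsByAddr($db, $ip, $current_event);
        $num_sensors = UniqueSensorCntByAddr($db, $ip, $current_event);
        $start_time = StartTimeForUniqueEventByAddr($db, $ip, $current_event);
        $stop_time = StopTimeForUniqueEventByAddr($db, $ip, $current_event);

        // Shade every second row.
        $cellcolor = $i % 2 !== 0 ? "bgcolor='#f2f2f2'" : "";

        $signame = BuildSigByPlugin($current_event[0], $current_event[1], $db);

        // Both drill-down links filter on "<element 0>;<element 1>" of the event.
        $sig_param = urlencode($current_event[0] . ";" . $current_event[1]);

        // The translated button label is URL-encoded so that a space, '&' or
        // quote in a translation cannot alter the query string or the HREF.
        // NOTE(review): BuildIPFormVars' output is not visible here, so the URLs
        // are interpolated into the attribute as built; confirm that the helper
        // returns attribute-safe text.
        $tmp_iplookup = 'base_qry_main.php?new=1&sig_type=1&sig%5B0%5D=%3D&sig%5B1%5D=' . $sig_param . '&num_result_rows=-1&submit=' . urlencode(gettext("Query DB")) . '&current_view=-1&ip_addr_cnt=2' . BuildIPFormVars(urlencode($ip));
        $tmp_sensor_lookup = 'base_stat_sensor.php?sig_type=1&sig%5B0%5D=%3D&sig%5B1%5D=' . $sig_param . '&ip_addr_cnt=2' . BuildIPFormVars(urlencode($ip));

        echo "<TR {$cellcolor}>";

        // NOTE(review): html_entity_decode() undoes any entity escaping in the
        // signature text before it is echoed. Presumably BuildSigByPlugin
        // returns trusted markup; confirm, because a signature name that
        // carries sensor-supplied text would be emitted as live HTML here.
        echo "  <TD ALIGN='center'> " . str_replace("##", "", html_entity_decode($signame)) . "</TD>";

        echo "  <TD align='center'> <A HREF=\"{$tmp_iplookup}\">" . Util::htmlentities($total) . "</A> </TD>";
        echo "  <TD align='center'> <A HREF=\"{$tmp_sensor_lookup}\">" . Util::htmlentities($num_sensors) . "</A> </TD>";

        // The timestamps come from the same lookups as the counts, so they are
        // escaped the same way instead of being echoed raw.
        echo "  <TD align='center'> " . Util::htmlentities($start_time) . "</TD>";
        echo "  <TD align='center' valign='middle'> " . Util::htmlentities($stop_time) . "</TD>";
        echo '</TR>';
    }
    echo "</TABLE>\n";
}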
Example #2
     }
     $sip_aux = $sensors[$currentIP] != "" ? $sensors[$currentIP] : ($hosts[$currentIP] != "" ? $hosts[$currentIP] : $currentIP);
     $div = '<div id="' . $currentIP . ';' . $ip_aux . '" class="HostReportMenu">';
     $bdiv = '</div>';
     qroPrintEntry($div . BuildAddressLink($currentIP, 32) . $currentIP . '</A>&nbsp;' . $country_img . $homelan . $bdiv, 'center', '', 'nowrap');
 }
 /* Optional reverse-DNS column, printed only when $resolve_IP is 1.
    NOTE(review): a reverse-DNS name is chosen by whoever controls the PTR
    record for the address. Neither baseGetHostByAddr nor qroPrintEntry is
    visible here; confirm that one of them HTML-escapes the name before it
    reaches the page. */
 if ($resolve_IP == 1) {
     qroPrintEntry('&nbsp;&nbsp;' . baseGetHostByAddr($currentIP, $db, $dns_cache_lifetime) . '&nbsp;&nbsp;');
 }
 /* Base URLs for the occurrence-count links printed below.
    The translated "Query+DB" label is concatenated into the query string as
    returned by gettext(), without URL-encoding.
    NOTE(review): '&sort_order' on the second URL uses a bare '&' while every
    other separator here is written as '&amp;'. */
 $tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&amp;submit=' . gettext("Query+DB") . '&amp;current_view=-1';
 $tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&amp;submit=' . gettext("Query+DB") . '&amp;current_view=-1&sort_order=occur_d';
 /* Address criteria for each link: the NULL_IP constant when $no_ip is set,
    otherwise the current address. Three variants are built: any direction,
    source only, destination only. */
 if ($no_ip) {
     $url_criteria = BuildIPFormVars(NULL_IP);
 } else {
     $url_criteria = BuildIPFormVars($currentIP);
 }
 if ($no_ip) {
     $url_criteria_src = BuildSrcIPFormVars(NULL_IP);
 } else {
     $url_criteria_src = BuildSrcIPFormVars($currentIP);
 }
 /* The two calls below spell the helper as BuildDstIpFormVars and
    BuildDstIPFormVars; PHP function names are case-insensitive, so both
    resolve to the same function. */
 if ($no_ip) {
     $url_criteria_dst = BuildDstIpFormVars(NULL_IP);
 } else {
     $url_criteria_dst = BuildDstIPFormVars($currentIP);
 }
 /* Count columns: sensor count as plain text, then three linked counts.
    NOTE(review): $currentIP (through the criteria strings) and the $num_*
    values are concatenated into the markup without escaping at this point;
    presumably the counts are integers and the Build*FormVars helpers return
    attribute-safe text. Verify against their definitions. */
 qroPrintEntry($num_sensors);
 qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . $num_events . '</A>');
 qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_src . '">' . $num_sig_src . '</A>');
 qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_dst . '">' . $num_sig_dst . '</A>');