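/**
 * Append the SQL statements that purge one alert to an open script file.
 *
 * Nothing is executed against the database here: every statement is written
 * as text to $f, wrapped in SET AUTOCOMMIT=0 / COMMIT, and followed by an
 * UPDATE that records progress in the deletetmp table. Because the values end
 * up inside SQL text that is run later, $sid, $cid and the deletetmp id are
 * only emitted when they consist of decimal digits.
 *
 * @param mixed    $sid              Sensor id of the alert; must be all digits to be emitted.
 * @param mixed    $cid              Event id of the alert; must be all digits to be emitted.
 * @param object   $db               Handle exposing baseErrorMessage(); also handed to PurgeAlert_ac().
 * @param string   $deltmp           Name split on "_"; its second piece is used as the deletetmp row id.
 * @param mixed    $j                Multiplied by $interval to obtain the progress percentage.
 * @param mixed    $interval         See $j.
 * @param resource $f                Writable stream that receives the generated SQL.
 * @param string   $acid_event_input Extra table to purge, or "" for none. It is concatenated
 *                                   into the statement as-is, so callers must pass a trusted name.
 *
 * @return void The original "return $del_cnt" was commented out; nothing is returned.
 */
function PurgeAlert($sid, $cid, $db, $deltmp, $j, $interval, $f, $acid_event_input)
{
    $del_table_list = array("iphdr", "tcphdr", "udphdr", "icmphdr", "opt", "extra_data", "acid_ag_alert", "acid_event");
    if ($acid_event_input != "") {
        $del_table_list[] = $acid_event_input;
    }
    // With referential integrity on a non-MySQL backend only "event" is purged here.
    if ($GLOBALS['use_referential_integrity'] == 1 && $GLOBALS['DBtype'] != "mysql") {
        $del_table_list = array("event");
    }

    // The ids are spliced into SQL text, so quoting alone is not a defence:
    // a value containing a quote would change the statement that is later run.
    // NOTE(review): assumes sid/cid are unsigned integer keys — confirm against the schema.
    $digits = '/^[0-9]+$/D';
    $ids_are_numeric = is_scalar($sid) && is_scalar($cid)
        && preg_match($digits, (string) $sid) === 1
        && preg_match($digits, (string) $cid) === 1;

    fputs($f, "SET AUTOCOMMIT=0;\n");

    foreach ($del_table_list as $table) {
        // Alert-group tables (acid_ag*) name their key columns ag_sid / ag_cid.
        if (strpos($table, "acid_ag") === false) {
            $sql2 = "DELETE FROM " . $table . " WHERE sid='" . $sid . "' AND cid='" . $cid . "'";
        } else {
            $sql2 = "DELETE FROM " . $table . " WHERE ag_sid='" . $sid . "' AND ag_cid='" . $cid . "'";
        }

        // Empty ids were already skipped; non-numeric ids are now skipped as well.
        if ($ids_are_numeric) {
            fputs($f, "{$sql2};\n");
        }

        // NOTE(review): no query is run on $db in this function, so this reports
        // whatever error state the handle already carried — confirm it is still wanted.
        if ($db->baseErrorMessage() != "") {
            echo "Errorrrrrrrrrr!!!!!!!!!!";
        }
    }

    // PurgeAlert_ac() receives the same ids and its output goes into the same
    // script, so it is skipped too when the ids failed validation.
    if ($ids_are_numeric) {
        fputs($f, PurgeAlert_ac($sid, $cid, $db));
    }
    fputs($f, "COMMIT;\n");

    $perc = round($j * $interval, 0);
    if ($perc > 100) {
        // Kept from the original: an overshoot is reported as 99, not 100.
        $perc = 99;
    }

    // The id is written unquoted, so anything other than digits would either
    // break the statement or inject into it; skip the progress row in that case.
    $rnd = explode("_", (string) $deltmp);
    if (isset($rnd[1]) && preg_match($digits, $rnd[1]) === 1) {
        fputs($f, "UPDATE deletetmp SET perc={$perc} WHERE id=" . $rnd[1] . ";\n");
    }
}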
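} } } } } }
// ****************************************** Console Purge Event Script **********************************************
// Command-line entry point: removes a single event, identified by SID and CID,
// from the Snort/OSSIM event database. The closing braces above end a
// definition that starts outside this excerpt and are left untouched.
ob_implicit_flush();
ini_set('include_path', '/usr/share/ossim/include');
require_once "ossim_db.inc";

// Validate the arguments before opening a database connection.
// The original test read `cid == ""` (missing "$"), so an absent CID was never
// detected; absent arguments are also handled here without undefined-offset notices.
// NOTE(review): the purge helpers are defined outside this excerpt and presumably
// build SQL from these values, so only decimal ids are accepted — confirm the id format.
$sid = isset($argv[1]) ? $argv[1] : "";
$cid = isset($argv[2]) ? $argv[2] : "";
if (!preg_match('/^[0-9]+$/D', $sid) || !preg_match('/^[0-9]+$/D', $cid)) {
    echo "Usage: php purge_event.php SID CID\n";
    exit(1);
}

$db = new ossim_db();
$conn = $db->snort_connect();

// acid_event_input is optional: it is purged only if the table exists.
$acid_event_input = "";
$rs = $conn->Execute("SELECT table_name FROM INFORMATION_SCHEMA.tables WHERE table_name='acid_event_input'");
if (!$rs) {
    print $conn->ErrorMsg();
    // Non-zero status so a calling script can tell the purge did not run.
    exit(1);
}
if (!$rs->EOF) {
    $acid_event_input = $rs->fields["table_name"];
}

PurgeAlert_ac($conn, $sid, $cid);
PurgeAlert($conn, $sid, $cid, $acid_event_input);

// NOTE(review): the helpers' results are not checked, so this message is
// printed even if a delete failed — confirm whether they report errors.
echo "\nEvent SID:{$sid}, CID={$cid} successfully deleted.\n\n";
$db->close($conn);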