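/**
 * Count the unresolved alarms and describe the ones that appeared since the previous call.
 *
 * The count seen on the previous call is kept in $_SESSION['_unresolved_alarms'] and is
 * overwritten on every call. When the count has grown, the descriptions of the newest
 * alarms are joined with '|' into 'new_alarms_desc'.
 *
 * @param mixed $conn Database connection, passed through to Alarm::get_count(),
 *                    Alarm::get_list() and Util::translate_alarm().
 *
 * @return array array('error' => FALSE, 'output' => array('alarms' => int,
 *               'new_alarms' => int, 'new_alarms_desc' => string))
 */
function get_unresolved_alarms($conn)
{
    $alarms = intval(Alarm::get_count($conn, '', '', 1, TRUE));

    // The first call in a session has no stored count; read it as 0 instead of
    // touching an undefined index.
    $alarms_prev = isset($_SESSION['_unresolved_alarms']) ? intval($_SESSION['_unresolved_alarms']) : 0;

    // A delta is only reported once a previous non-zero count exists. The delta is
    // negative when alarms were closed in the meantime; it is returned as-is.
    if ($alarms != $alarms_prev && $alarms_prev > 0) {
        $new_alarms = $alarms - $alarms_prev;
    } else {
        $new_alarms = 0;
    }

    $_SESSION['_unresolved_alarms'] = $alarms;

    $data = array();
    $data['alarms'] = $alarms;
    $data['new_alarms'] = $new_alarms;
    $data['new_alarms_desc'] = '';

    if ($new_alarms > 0) {
        // Fetch only the $new_alarms most recent open alarms (rows 0..$new_alarms, newest first).
        $criteria = array(
            'src_ip' => '',
            'dst_ip' => '',
            'hide_closed' => 1,
            'order' => 'ORDER BY a.timestamp DESC',
            'inf' => 0,
            'sup' => $new_alarms,
            'date_from' => '',
            'date_to' => '',
            'query' => '',
            'directive_id' => '',
            'intent' => 0,
            'sensor' => '',
            'tag' => '',
            'num_events' => '',
            'num_events_op' => 0,
            'plugin_id' => '',
            'plugin_sid' => '',
            'ctx' => '',
            'host' => '',
            'net' => '',
            'host_group' => '',
        );

        list($alarm_list, $count) = Alarm::get_list($conn, $criteria);

        $alarm_string = '';

        foreach ($alarm_list as $alarm) {
            $desc_alarm = Util::translate_alarm($conn, $alarm->get_sid_name(), $alarm);

            // NOTE(review): html_entity_decode() runs after the apostrophe escaping, so any
            // quote entity it decodes is not backslash-escaped. The final encoding then rests
            // on Util::js_entities(), which is not shown here - confirm it covers that case.
            $desc_alarm = html_entity_decode(str_replace("'", "\\'", $desc_alarm));

            // The replacement literal was garbled on the page (three bare double quotes,
            // which does not parse); '&quot;' is the presumable original - confirm upstream.
            $desc_alarm = str_replace('"', '&quot;', $desc_alarm);

            // Replace em dashes with a plain hyphen.
            $desc_alarm = str_replace('—', "-", $desc_alarm);
            $desc_alarm = Util::js_entities($desc_alarm);

            // NOTE(review): '|' is the field separator and is not escaped inside a
            // description; presumably the consumer splits on it - confirm.
            if ($alarm_string !== '') {
                $alarm_string .= '|';
            }

            $alarm_string .= $desc_alarm;
        }

        $data['new_alarms_desc'] = $alarm_string;
    }

    $return = array();
    $return['error'] = FALSE;
    $return['output'] = $data;

    return $return;
}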
// Excerpt of a flat script that lists the most recent alarms and resolves each
// alarm's plugin SID name. The excerpt ends inside the foreach loop.
require_once 'ossim_db.inc';
require_once 'classes/Host.inc';
require_once 'classes/Host_os.inc';
require_once 'classes/Alarm.inc';
require_once 'classes/Plugin.inc';
require_once 'classes/Plugin_sid.inc';
require_once 'classes/Port.inc';
require_once 'classes/Util.inc';

// Page size: at most this many alarms are requested.
$ITEMS = 50;

$db = new ossim_db();
$conn = $db->connect();

// Row window passed to Alarm::get_list(): from 0 up to $ITEMS.
$inf = 0;
$sup = $ITEMS;

// NOTE(review): $src_ip, $dst_ip and $hide_closed are not assigned anywhere in this
// excerpt; presumably they are set (and validated) elsewhere - confirm before relying
// on them as query filters.
$count = Alarm::get_count($conn, $src_ip, $dst_ip, $hide_closed);
$time_start = time();

if ($alarm_list = Alarm::get_list($conn, $src_ip, $dst_ip, $hide_closed, "ORDER by timestamp DESC", $inf, $sup)) {
    $datemark = "";
    foreach ($alarm_list as $alarm) {
        /* skip alarms whose status is "closed" */
        if ($alarm->get_status() == "closed") {
            continue;
        }
        $id = $alarm->get_plugin_id();
        $sid = $alarm->get_plugin_sid();
        $backlog_id = $alarm->get_backlog_id();
        $sid_name = "";
        // NOTE(review): the WHERE clause is built by interpolating $id and $sid, which come
        // from the stored alarm row. Plugin_sid::get_list() is not shown, so whether it
        // validates the clause is unknown; casting both to int or binding them would avoid
        // depending on stored data being clean. This lookup also runs once per alarm.
        if ($plugin_sid_list = Plugin_sid::get_list($conn, "WHERE plugin_id = {$id} AND sid = {$sid}")) {
            $sid_name = $plugin_sid_list[0]->get_name();
        } else {
            // No matching plugin SID row: fall back to a label carrying the raw ids.
            $sid_name = "Unknown (id={$id} sid={$sid})";
        }
} elseif (!empty($dst_ip)) { $where = "WHERE inet_ntoa(dst_ip) = '{$dst_ip}'"; } else { $where = ''; } //Datasource filter $plugin_id = ""; $plugin_sid = ""; if (!empty($ds_id)) { $ds = explode("-", $ds_id); $plugin_id = $ds[0]; $plugin_sid = $ds[1]; } // Improved efficiency get_list $criteria = array("src_ip" => $src_ip, "dst_ip" => $dst_ip, "hide_closed" => $hide_closed, "order" => "ORDER BY {$order}", "inf" => $inf, "sup" => $sup, "date_from" => $date_from, "date_to" => $date_to, "query" => $query, "directive_id" => $directive_id, "intent" => $intent, "sensor" => $sensor_query, "tag" => $tag, "num_events" => $num_events, "num_events_op" => $num_events_op, "plugin_id" => $plugin_id, "plugin_sid" => $plugin_sid, "ctx" => "", "host" => $host_id, "net" => $net_id, "host_group" => ''); list($alarm_list, $count) = Alarm::get_list($conn, $criteria, true); /* * Pagination */ $total = $inf > 0 && intval($_SESSION["_alarm_count"]) > 0 ? $_SESSION["_alarm_count"] : $count; // Timezone correction $tz = Util::get_timezone(); // $results = array(); $sound = 0; $cont_tr = 0; $time_start = time(); if ($count > 0) { foreach ($alarm_list as $alarm) { /* hide closed alarmas */ if ($alarm->get_status() == "closed" and $hide_closed == 1) {
// Excerpt of a page script that shows a directive's compliance mappings and its
// most recent alarms. The excerpt ends inside the HTML template.

// Abort and print the message if ossim_error() reports a pending error; the checks
// that would set it are not part of this excerpt.
if (ossim_error()) {
    die(ossim_error());
}

$db = new ossim_db();
$conn = $db->connect();

// NOTE(review): $directive_id is interpolated directly into every SQL fragment below.
// Its validation is not visible here (presumably the checks behind ossim_error() above);
// confirm it is restricted to digits, or cast it to int before building these clauses.

// Get Directive info
list($properties, $num_properties) = Compliance::get_category($conn, "AND category.sid={$directive_id}");

// Get ISO 27001 rules linked to this directive.
// The four LIKE patterns match $directive_id as a whole element of the comma-separated
// SIDSS_Ref value: alone, first, last, or in the middle.
$iso_groups = Compliance_iso27001::get_groups($conn, "WHERE SIDSS_Ref LIKE '{$directive_id}' OR SIDSS_Ref LIKE '{$directive_id},%' OR SIDSS_Ref LIKE '%,{$directive_id}' OR SIDSS_Ref LIKE '%,{$directive_id},%'");

// Get PCI DSS 2.0 rules linked to this directive.
$pci2_groups = Compliance_pci::get_groups($conn, "WHERE SIDSS_ref LIKE '{$directive_id}' OR SIDSS_ref LIKE '{$directive_id},%' OR SIDSS_ref LIKE '%,{$directive_id}' OR SIDSS_ref LIKE '%,{$directive_id},%'");

// Get PCI DSS 3.0 rules linked to this directive.
// The version is switched through a static call before the same query is repeated.
Compliance_pci::set_pci_version(3);
$pci3_groups = Compliance_pci::get_groups($conn, "WHERE SIDSS_ref LIKE '{$directive_id}' OR SIDSS_ref LIKE '{$directive_id},%' OR SIDSS_ref LIKE '%,{$directive_id}' OR SIDSS_ref LIKE '%,{$directive_id},%'");

// Request alarms for this directive only, closed ones included, with a row window of 0 to 5.
$criteria = array("src_ip" => '', "dst_ip" => '', "hide_closed" => 0, "order" => '', "inf" => 0, "sup" => 5, "date_from" => '', "date_to" => '', "query" => '', "directive_id" => $directive_id, "intent" => 0, "sensor" => '', "tag" => '', "num_events" => '', "num_events_op" => 0, "plugin_id" => '', "plugin_sid" => '', "ctx" => '', "host" => '', "net" => '', "host_group" => '');
list($alarms, $num_alarms) = Alarm::get_list($conn, $criteria);
// Template output starts here.
?> <table class="transparent" height="100%" width="100%"> <tr> <td class="nobborder" valign="top"> <table height="100%" width="100%"> <tr><th colspan="2" height="15"><?php echo _("Properties"); ?> </th></tr> <?php if (count($properties) < 1) { ?> <tr> <td class="nobborder center" style="color:gray;padding:10px;white-space: nowrap;">