$timetz = gmdate("U") + 3600 * $tz; // time to generate dates with timezone correction $agent = $_SESSION['_agent_info'][md5($agent_id)]; $db = new ossim_db(); $conn = $db->connect(); //Agents trends if ($agent['ip'] == '127.0.0.1') { // Get default system uuid $system_id = Util::get_system_uuid(); $system_info = Av_center::get_system_info_by_id($conn, $system_id); if ($system_info['status'] == 'success') { $sensor_ip = $system_info['data']['admin_ip']; } $ip_cidr = empty($sensor_ip) ? $agent['ip'] : $sensor_ip; } else { $agent_idm_data = Ossec_agent::get_idm_data($sensor_id, $agent['ip']); $agent_idm_ip = $agent_idm_data['ip']; if (empty($agent_idm_ip)) { try { $agent_idm_ip = Ossec_agent::get_last_ip($sensor_id, $agent); } catch (Exception $e) { } } $ip_cidr = Asset_host_ips::valid_ip($agent_idm_ip) ? $agent_idm_ip : $agent['ip']; } $data = array(); if (!preg_match('/Never connected/i', $agent['status']) && Asset_host_ips::valid_ip($ip_cidr)) { $data = Ossec_utilities::SIEM_trends_hids($conn, $ip_cidr); } $trend_plot = "<div style='color:gray; margin:15px; text-align:center;'>" . _('Trend chart not available') . "</div>"; if (is_array($data) && !empty($data)) {
$validate = array('sensor_id' => array('validation' => "OSS_HEX", 'e_message' => 'illegal:' . _('Sensor ID')), 'agent_id' => array('validation' => "OSS_DIGIT", 'e_message' => 'illegal:' . _('Agent ID')), 'agent_name' => array('validation' => 'OSS_SCORE, OSS_LETTER, OSS_DIGIT, OSS_DOT, OSS_SPACE, "(", ")"', 'e_message' => 'illegal:' . _('Agent Name')), 'agent_ip' => array('validation' => 'OSS_IP_CIDR_0', 'e_message' => 'illegal:' . _('Agent IP'))); if ($agent_ip == 'any') { $validate['ip_cidr'] = array('validation' => 'any', 'e_message' => 'illegal:' . _('Agent IP')); } $validation_errors = validate_form_fields('POST', $validate); if (empty($validation_errors['sensor_id'])) { $db = new ossim_db(); $conn = $db->connect(); if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) { $validation_errors['sensor_id'] = _('Error! Sensor not allowed'); } $db->close(); } if (empty($validation_errors)) { //IDM Info $agent_idm_data = Ossec_agent::get_idm_data($sensor_id, $agent_ip); if (empty($agent_idm_data)) { $agent = array('ip' => $agent_ip, 'name' => $agent_name); $last_ip = Ossec_agent::get_last_ip($sensor_id, $agent); if (Asset_host_ips::valid_ip($last_ip)) { $agent_idm_data = array('userdomain' => '-', 'ip' => $last_ip); } else { $agent_idm_data = array('userdomain' => '-', 'ip' => '-'); } } $data['status'] = 'success'; $data['data'] = $agent_idm_data; } else { $data['status'] = 'error'; $data['data'] = $validation_errors; }