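/**
 * Print an HTML table summarising the unique events seen for one address.
 *
 * Emits a headline with the unique/total event counts, then one table row
 * per unique event: signature name, total occurrences (linked to the query
 * page), number of sensors (linked to the sensor statistics page) and the
 * first/last occurrence times.  All output is echoed directly.
 *
 * @param mixed  $db database handle, passed through to the *ByAddr() helpers
 * @param string $ip address whose events are summarised
 * @return void
 */
function PrintEventsByIP($db, $ip)
{
    global $debug_mode;

    $count = 0;
    /* Jeffs stuff */
    /* Count total events for the given address */
    $event_cnt = EventCntByAddr($db, $ip);
    /* Grab unique alerts and count them */
    $unique_events = UniqueEventCntByAddr($db, $ip, $count);
    $unique_event_cnt = count($unique_events);

    // NOTE(review): $ip and the row values are interpolated into the page
    // as-is; if the caller takes $ip from the request, or signature names can
    // be influenced by alert data, they need htmlspecialchars() at this
    // boundary -- confirm against the callers.
    printf(
        "<B>" . gettext("%d unique events detected among %d events on %s") . "/32</B><BR>",
        $unique_event_cnt,
        $event_cnt,
        $ip
    );

    /* Print the Statistics on Each of the Unique Alerts */
    echo '<TABLE BORDER=0> <TR> <TD CLASS="headerbasestat">' . gettext("TCP Flags")
        . '</TD> <TD CLASS="headerbasestat">' . gettext("Total<BR> Occurrences")
        . '</TD> <TD CLASS="headerbasestat">' . gettext("Num of Sensors")
        . '</TD> <TD CLASS="headerbasestat">' . gettext("First<BR> Occurrence")
        . '</TD> <TD CLASS="headerbasestat">' . gettext("Last<BR> Occurrence")
        . '</TD> </TR>';

    for ($i = 0; $i < $unique_event_cnt; $i++) {
        $current_event = $unique_events[$i];
        $total = UniqueEventTotalsByAddr($db, $ip, $current_event);
        $num_sensors = UniqueSensorCntByAddr($db, $ip, $current_event);
        $start_time = StartTimeForUniqueEventByAddr($db, $ip, $current_event);
        $stop_time = StopTimeForUniqueEventByAddr($db, $ip, $current_event);

        // Shade every other row.
        $cellcolor = ($i % 2 !== 0) ? "bgcolor='#f2f2f2'" : "";

        /* Print out */
        echo "<TR {$cellcolor}>";

        // The trace markers still say BuildSigByID() although the signature
        // is resolved through BuildSigByPlugin(); kept verbatim so existing
        // log filters keep matching.
        if ($debug_mode > 1) {
            SQLTraceLog(__FILE__ . ":" . __LINE__ . ":" . __FUNCTION__ . ": Before BuildSigByID()");
        }
        // Assumes each unique-event row is [plugin id, plugin sid] -- confirm
        // against UniqueEventCntByAddr().
        $signame = BuildSigByPlugin($unique_events[$i][0], $unique_events[$i][1], $db);
        // html_entity_decode() here means the signature is emitted unescaped.
        echo " <TD ALIGN='center'> " . str_replace("##", "", html_entity_decode($signame));
        if ($debug_mode > 1) {
            SQLTraceLog(__FILE__ . ":" . __LINE__ . ":" . __FUNCTION__ . ": After BuildSigByID()");
        }

        $sig_param = urlencode($unique_events[$i][0] . ";" . $unique_events[$i][1]);

        // Bug fix: the query string previously read "¤t_view=-1" -- the
        // "&curren" of "&current_view" had been collapsed into the ¤ entity,
        // so the current_view parameter never reached base_qry_main.php.
        $tmp_iplookup = 'base_qry_main.php?new=1&sig_type=1&sig%5B0%5D=%3D&sig%5B1%5D=' . $sig_param
            . '&num_result_rows=-1&submit=' . gettext("Query+DB")
            . '&current_view=-1&ip_addr_cnt=2' . BuildIPFormVars($ip);
        $tmp_sensor_lookup = 'base_stat_sensor.php?sig_type=1&sig%5B0%5D=%3D&sig%5B1%5D=' . $sig_param
            . '&ip_addr_cnt=2' . BuildIPFormVars($ip);

        echo " <TD align='center'> <A HREF=\"{$tmp_iplookup}\">{$total}</A> ";
        echo " <TD align='center'> <A HREF=\"{$tmp_sensor_lookup}\">{$num_sensors}</A> ";
        echo " <TD align='center'> {$start_time}";
        echo " <TD align='center' valign='middle'> {$stop_time}";
        echo '</TR>';
    }

    echo "</TABLE>\n";
}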
$current_sport = ":" . $myrow["layer4_sport"]; } if ($myrow["layer4_dport"] != 0) { $current_dport = ":" . $myrow["layer4_dport"]; } if ($debug_mode > 1) { SQLTraceLog("\n\n"); SQLTraceLog(__FILE__ . ":" . __LINE__ . ":\n############## <calls to BuildSigByID> ##################"); } // SIGNATURE $current_sig = TranslateSignature($current_sig, $myrow); $current_sig_txt = trim(html_entity_decode(strip_tags($current_sig))); //$current_sig_txt = BuildSigByID($myrow[2], $myrow["sid"], $myrow["cid"], $db, 2); if ($debug_mode > 1) { SQLTraceLog(__FILE__ . ":" . __LINE__ . ":\n################ </calls to BuildSigByID> ###############"); SQLTraceLog("\n\n"); } $current_otype = $myrow["ossim_type"]; $current_oprio = $myrow["ossim_priority"]; $current_oreli = $myrow["ossim_reliability"]; $current_oasset_s = $myrow["ossim_asset_src"]; $current_oasset_d = $myrow["ossim_asset_dst"]; $current_oriskc = $myrow["ossim_risk_c"]; $current_oriska = $myrow["ossim_risk_a"]; if ($portscan_payload_in_signature == 1) { /* fetch from payload portscan open port number */ if (stristr($current_sig_txt, "(portscan) Open Port")) { $sql2 = "SELECT data_payload FROM data WHERE sid='" . $myrow["sid"] . "' AND cid='" . $myrow["cid"] . "'"; $result2 = $db->baseExecute($sql2); $myrow_payload = $result2->baseFetchRow(); $result2->baseFreeRows();