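/**
 * Count the plugins that the asset's sensors report for it and flag the active ones.
 *
 * Every sensor related to the asset is asked for its plugins-by-asset listing.
 * Each plugin listed for this asset is counted, and those for which
 * Asset_host_devices::check_device_connectivity() returns a truthy value are
 * recorded under a derived row id.
 *
 * The sensor reply is remote data, so its shape is checked before it is indexed.
 * A reply that is not a JSON object with status "success" and a per-asset plugin
 * list is skipped rather than dereferenced.
 *
 * @param mixed $conn Database connection, passed through to the asset helpers.
 * @param array $data Request data; the 'asset' key holds the asset id.
 *
 * @return array ['error' => FALSE, 'data' => ['plugins' => array<string, bool>, 'total_p' => int]]
 */
function plugin_activity($conn, $data)
{
    $asset_id = $data['asset'];

    // The id is validated as OSS_HEX before any lookup uses it.
    // NOTE(review): check_ossim_error() presumably stops the request when validation failed - confirm.
    ossim_valid($asset_id, OSS_HEX, 'illegal:' . _("ASSET"));
    check_ossim_error();

    $active_plugin = array();
    $total_plugins = 0;

    try {
        $sensors = Asset_host_sensors::get_sensors_by_id($conn, $asset_id);
        $client  = new Alienvault_client();

        foreach ($sensors as $sensor_id => $s_data) {
            $raw = $client->sensor(Util::uuid_format($sensor_id))->get_plugins_by_assets();

            // Decode only string payloads; anything else is treated as "no answer".
            $reply = is_string($raw) ? json_decode($raw, TRUE) : NULL;

            // Strict comparison: a non-string status (e.g. JSON true or 0) must not pass as "success".
            if (!is_array($reply) || !isset($reply['status']) || $reply['status'] !== 'success') {
                continue;
            }

            if (!isset($reply['data']['plugins']) || !is_array($reply['data']['plugins'])) {
                continue;
            }

            $by_asset = $reply['data']['plugins'];

            if (!array_key_exists($asset_id, $by_asset) || !is_array($by_asset[$asset_id])) {
                continue;
            }

            foreach ($by_asset[$asset_id] as $pdata) {
                $active = Asset_host_devices::check_device_connectivity(
                    $conn,
                    $asset_id,
                    $pdata['plugin_id'],
                    $sensor_id,
                    TRUE
                );

                if ($active) {
                    // md5 only derives a stable row key from asset/cpe/sensor; it is not a security control.
                    $row_id = md5($asset_id . $pdata['cpe'] . $sensor_id);
                    $active_plugin[$row_id] = TRUE;
                }

                $total_plugins++;
            }
        }
    } catch (Exception $e) {
        // Deliberate best-effort: the first failure ends the sensor loop and whatever
        // was collected so far is returned, with 'error' still FALSE. The caller
        // cannot tell a partial result from a complete one.
    }

    $response = array(
        'error' => FALSE,
        'data'  => array(
            'plugins' => $active_plugin,
            'total_p' => $total_plugins
        )
    );

    return $response;
}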
$s_ip = $server_obj->get_ip(); $server = $s_name . ' (' . $s_ip . ')'; $e_msg = sprintf(_("Unable to deploy agent to assets on a child server. Please login to %s to deploy the HIDS agents"), $server); } Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg); } } catch (Exception $e) { $validation_errors['asset_id'] = $e->getMessage(); } if (empty($validation_errors)) { //Getting asset information $_ips = $asset->get_ips(); $ips = $_ips->get_ips(); //Checking HIDS Sensor $cnd_1 = Ossec_utilities::is_sensor_allowed($conn, $sensor_id) == FALSE; $asset_sensors = Asset_host_sensors::get_sensors_by_id($conn, $asset_id); $cnd_2 = empty($asset_sensors[$sensor_id]); if ($cnd_1 || $cnd_2) { $validation_errors['sensor_id'] = sprintf(_("Sensor %s not allowed. Please check with your account admin for more information"), Av_sensor::get_name_by_id($conn, $sensor_id)); } else { $system_ids = Av_center::get_system_id_by_component($conn, $sensor_id); $res = Av_center::get_system_info_by_id($conn, $system_ids['non-canonical']); if ($res['status'] == 'success') { //We use this function to calculate sensor name because in HA environments there are two systems for one Sensor ID if (empty($res['data']['ha_ip'])) { $sensor_name = $res['data']['name']; } else { $sensor_name = Av_sensor::get_name_by_id($conn, $sensor_id); } $sensor_ip = $res['data']['current_ip']; if (Ossec_utilities::get_default_sensor_id() == $sensor_id && empty($res['data']['ha_ip'])) {
if (!empty($net_id)) { // Net with ID $total_host += Util::host_in_net($ip_cidr); $name = Asset_net::get_name_by_id($conn, $net_id); $perm = Session::netAllowed($conn, $net_id); if (count($sensors) == 0) { $sensors = array_keys(Asset_net_sensors::get_sensors_by_id($conn, $net_id)); } } else { if (!empty($host_id)) { // Host with ID $total_host++; $name = Asset_host::get_name_by_id($conn, $host_id); $perm = $unresolved ? TRUE : Session::hostAllowed($conn, $host_id); if (count($sensors) == 0) { $sensors = array_keys(Asset_host_sensors::get_sensors_by_id($conn, $host_id)); } } else { if (preg_match("/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\/\\d{1,2}?\$/", $ip_cidr)) { // Net without ID $total_host += Util::host_in_net($ip_cidr); $name = $target; $perm = TRUE; } else { if (preg_match("/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\$/", $ip_cidr)) { // Host without ID $total_host++; $name = $target; $perm = TRUE; if (count($sensors) == 0) { $closetnet_id = key(Asset_host::get_closest_net($conn, $ip_cidr));
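/**
 * Resolve an asset to its IP data and pick the Nagios sensor related to it.
 *
 * The asset type selects the lookup: a host-like type (any value listed in
 * $host_types), 'net', 'net_group'/'netgroup' or 'host_group'/'hostgroup'.
 * The sensors related to the asset are collected, and the first sensor from the
 * Nagios-enabled list (fetched with 'priority desc' ordering) that is also
 * related to the asset is chosen.
 *
 * @param mixed  $conn       Database connection exposing Execute($query, $params).
 * @param string $id         Asset id; upper-cased and bound to UNHEX(?) in every query.
 * @param string $type       Asset type; lower-cased before use.
 * @param array  $host_types Allowlist of host-like types. For any type other than 'host'
 *                           the value is also used as the table name, so it must only
 *                           contain fixed table names.
 *
 * @return array [$id, $sensor, $type, $ips, $in_assets], where $sensor is the chosen
 *               Nagios sensor IP or NULL, and $ips is NULL when no lookup produced a value.
 */
function get_assets($conn, $id, $type, $host_types)
{
    $filters = array(
        'where'    => 'sensor_properties.has_nagios = 1',
        'order_by' => 'priority desc'
    );

    list($nagios_list, $nagios_total) = Av_sensor::get_list($conn, $filters);

    $sensor  = NULL;
    $sensors = array();

    // Defined up front so an unknown type or a failed query returns NULL, not an undefined variable.
    $ips = NULL;

    $type = strtolower($type);
    $id   = strtoupper($id);

    // in_assets first
    $in_assets = is_in_assets($conn, $id, $type);

    // Strict match: $type becomes part of the SQL text below (identifiers cannot be bound),
    // so a loose comparison against a non-string allowlist entry must never let it through.
    // NOTE(review): the origin of $type and $host_types is not visible here - confirm the
    // caller passes a fixed list of table names.
    if (in_array($type, $host_types, TRUE)) {
        // Host, sensor or server
        if ($type == 'host') {
            $what  = 'host_id';
            $table = 'host_ip';
        } else {
            $what  = 'id';
            $table = $type;
        }

        $query  = "SELECT INET6_NTOA(ip) AS ip FROM {$table} WHERE {$what} = UNHEX(?) LIMIT 1";
        $params = array($id);

        $rs = $conn->Execute($query, $params);

        if ($rs) {
            $ips = $rs->fields['ip'];
        }

        // Related sensors. Only the keys of $sensors are consulted when the Nagios sensor is chosen.
        if ($type == 'host') {
            $sensors = Asset_host_sensors::get_sensors_by_id($conn, $id);
        } elseif ($type == 'sensor') {
            $sensors[$id] = $ips;
        } else {
            $s_id = Av_sensor::get_id_by_ip($conn, Util::get_default_admin_ip());
            $sensors[$s_id] = Util::get_default_admin_ip();
        }
    } elseif ($type == 'net') {
        $query  = "SELECT ips FROM net WHERE id = UNHEX(?)";
        $params = array($id);

        $rs = $conn->Execute($query, $params);

        if ($rs) {
            $ips = $rs->fields['ips'];
        }

        // Related sensors
        $sensors = Asset_net_sensors::get_sensors_by_id($conn, $id);
    } elseif ($type == 'net_group' || $type == 'netgroup') {
        $query = "SELECT hex(ngr.net_id) as net_id, n.ips FROM net_group_reference AS ngr, net AS n\n WHERE ngr.net_group_id = UNHEX(?) AND ngr.net_id = n.id";

        // Until the query returns rows, the list of member ids holds the group id itself.
        $net_ids = array($id);
        $params  = $net_ids;

        $rs = $conn->Execute($query, $params);

        if ($rs) {
            $ipng = array();

            if (!$rs->EOF) {
                $net_ids = array();
            }

            while (!$rs->EOF) {
                $ipng[]    = $rs->fields['ips'];
                $net_ids[] = $rs->fields['net_id'];

                $rs->MoveNext();
            }

            $ips = count($ipng) > 0 ? implode(",", $ipng) : "'0.0.0.0/0'";

            // An empty group is reported as not being in assets.
            if (count($ipng) == 0) {
                $in_assets = 0;
            }
        }

        // Related sensors
        foreach ($net_ids as $net_id) {
            $_sensors_aux = Asset_net_sensors::get_sensors_by_id($conn, $net_id);

            foreach ($_sensors_aux as $sensor_id => $sensor_data) {
                $sensors[$sensor_id] = $sensor_data['ip'];
            }
        }
    } elseif ($type == 'host_group' || $type == 'hostgroup') {
        $query = "SELECT hex(hg.host_id) as host_id, INET6_NTOA(hi.ip) AS ip FROM host_group_reference hg, host_ip hi\n WHERE hi.host_id=hg.host_id AND hg.host_group_id = UNHEX(?)";

        // Until the query returns rows, the list of member ids holds the group id itself.
        $host_ids = array($id);
        $params   = $host_ids;

        $rs = $conn->Execute($query, $params);

        if ($rs) {
            $iphg = array();

            if (!$rs->EOF) {
                $host_ids = array();
            }

            while (!$rs->EOF) {
                // NOTE(review): each IP is returned already wrapped in single quotes, which
                // suggests the caller splices $ips into another statement - confirm the
                // caller binds or validates it instead of concatenating.
                $iphg[]     = "'" . $rs->fields['ip'] . "'";
                $host_ids[] = $rs->fields['host_id'];

                $rs->MoveNext();
            }

            $ips = count($iphg) > 0 ? implode(',', $iphg) : "'0.0.0.0'";

            // An empty group is reported as not being in assets.
            if (count($iphg) == 0) {
                $in_assets = 0;
            }
        }

        // Related sensors
        foreach ($host_ids as $host_id) {
            $_sensors_aux = Asset_host_sensors::get_sensors_by_id($conn, $host_id);

            foreach ($_sensors_aux as $sensor_id => $sensor_data) {
                $sensors[$sensor_id] = $sensor_data['ip'];
            }
        }
    }

    // Getting first Nagios sensor (by priority) that is related to the asset
    if ($nagios_total > 0) {
        foreach ($nagios_list as $n_sensor_id => $n_sensor_data) {
            if (array_key_exists($n_sensor_id, $sensors)) {
                $sensor = $n_sensor_data['ip'];

                break;
            }
        }
    }

    return array($id, $sensor, $type, $ips, $in_assets);
}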