/* Connect to the Alert database */ $db = NewBASEDBConnection($DBlib_path, $DBtype); $db->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password, 0, 1); $cs = new CriteriaState("base_stat_otx.php", ""); $cs->ReadState(); /* Dump some debugging information on the shared state */ // if ($debug_mode > 0) { // PrintCriteriaState(); // } $qs = new QueryState(); if ($event_cache_auto_update == 1) UpdateAlertCache($db); $criteria_clauses = ProcessCriteria(); // Include base_header.php if ($qs->isCannedQuery()) PrintBASESubHeader($page_title . ": " . $qs->GetCurrentCannedQueryDesc() , $page_title . ": " . $qs->GetCurrentCannedQueryDesc() , $cs->GetBackLink() , 1); else PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink() , 1); $criteria = $criteria_clauses[0] . " " . $criteria_clauses[1]; if (preg_match("/otx_data/",$criteria)) { $where = " WHERE " . $criteria_clauses[1]; $from = " FROM acid_event " . $criteria_clauses[0]; } else { $where = " WHERE " . $criteria_clauses[1] . " AND acid_event.id=otx_data.event_id"; $from = " FROM acid_event " . $criteria_clauses[0]. ", otx_data"; }
$qs->AddCannedQuery("most_frequent", $freq_num_uaddr, gettext("Most Frequent IP addresses"), "occur_d"); $qs->MoveView($submit); /* increment the view if necessary */ if ($addr_type == SOURCE_IP) { $page_title = gettext("Unique Source Address(es)"); $results_title = gettext("Src IP address"); $addr_type_name = "ip_src"; } else { if ($addr_type != DEST_IP) { ErrorMessage(gettext("CRITERIA ERROR: unknown address type -- assuming Dst address")); } $page_title = gettext("Unique Destination Address(es)"); $results_title = gettext("Dst IP address"); $addr_type_name = "ip_dst"; } if ($qs->isCannedQuery()) { PrintBASESubHeader($page_title . ": " . $qs->GetCurrentCannedQueryDesc(), $page_title . ": " . $qs->GetCurrentCannedQueryDesc(), $cs->GetBackLink(), 1); } else { PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink(), 1); } if ($event_cache_auto_update == 1) { UpdateAlertCache($db); } $criteria_clauses = ProcessCriteria(); if (!$printing_ag) { /* ***** Generate and print the criteria in human readable form */ echo '<TABLE WIDTH="100%"> <TR> <TD WIDTH="60%" VALIGN=TOP>'; if (!array_key_exists("minimal_view", $_GET)) { PrintCriteria($caller);
// } != "") $cs->criteria['data']->criteria_cnt = 1; if ($_GET["data"][0][2] != "") { $cs->criteria['data']->criteria_cnt = 1; } $submit = gettext("Query DB"); /* restore the real submit value */ $_POST['submit'] = $submit; } $cs->ReadState(); $qs = new QueryState(); $qs->AddCannedQuery("last_tcp", $last_num_alerts, gettext("Last TCP Events"), "time_d"); $qs->AddCannedQuery("last_udp", $last_num_alerts, gettext("Last UDP Events"), "time_d"); $qs->AddCannedQuery("last_icmp", $last_num_alerts, gettext("Last ICMP Events"), "time_d"); $qs->AddCannedQuery("last_any", $last_num_alerts, gettext("Last Events"), "time_d"); $page_title = gettext("Query Results"); if ($qs->isCannedQuery()) { if (!array_key_exists("minimal_view", $_GET)) { PrintBASESubHeader($page_title . ": " . $qs->GetCurrentCannedQueryDesc(), $page_title . ": " . $qs->GetCurrentCannedQueryDesc(), $cs->GetBackLink(), 1); } else { PrintBASESubHeader($page_title . ": " . $qs->GetCurrentCannedQueryDesc(), $page_title . ": " . $qs->GetCurrentCannedQueryDesc(), "", 1); } } else { if (!array_key_exists("minimal_view", $_GET)) { PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink(), 1); } else { PrintBASESubHeader($page_title, $page_title, "", 1); } } if ($event_cache_auto_update == 1) { UpdateAlertCache($db); }