qroPrintEntryHeader($i); /* Generating checkbox value -- nikns */ //($addr_type == SOURCE_IP) ? ($src_ip = $myrow[0]) : ($dst_ip = $myrow[0]); //$tmp_rowid = $src_ip . "_" . $dst_ip; //echo ' <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">'; //echo ' <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '"></TD>'; /* Check for a NULL IP which indicates an event (e.g. portscan) * which has no IP */ qroPrintEntry(BuildIDMLink($currentIP, $addr_type) . $currentIP . '</A> ', 'center', '', 'nowrap'); /* Print # of Occurances */ $tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '¤t_view=-1'; $tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '¤t_view=-1&sort_order=occur_d'; $url_criteria = BuildIDMVars($currentIP, $addr_type); $url_criteria_src = BuildIDMVars($currentIP, $addr_type, "src"); $url_criteria_dst = BuildIDMVars($currentIP, $addr_type, "dst"); qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)), 'center', 'middle'); qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . Util::number_format_locale($num_events, 0) . '</A>', 'center', 'middle'); qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_src . '">' . Util::number_format_locale($num_sig_src, 0) . '</A>', 'center', 'middle'); qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_dst . '">' . Util::number_format_locale($num_sig_dst, 0) . '</A>', 'center', 'middle'); qroPrintEntry(Util::number_format_locale($num_sip, 0), 'center', 'middle'); qroPrintEntry(Util::number_format_locale($num_dip, 0), 'center', 'middle'); qroPrintEntryFooter(); ++$i; } $result->baseFreeRows(); $qro->PrintFooter(); $qs->PrintBrowseButtons(); $qs->PrintAlertActionButtons(); $qs->SaveState(); ExportHTTPVar("addr_type", $addr_type);
function BuildIDMLink($idmvalue, $field, $source = "both") { require_once 'classes/menu.inc'; $url = Menu::get_menu_url('base_qry_main.php?new=2&num_result_rows=-1&submit=Query+DB¤t_view=-1' . BuildIDMVars($idmvalue, $field, $source), 'analysis', 'security_events', 'security_events'); return '<a style="color:navy;" href="' . $url . '"></a>'; }
$num_sig = $myrow[3]; $num_ip = $myrow[4]; qroPrintEntryHeader($i); /* Generating checkbox value -- nikns */ //($addr_type == SOURCE_IP) ? ($src_ip = $myrow[0]) : ($dst_ip = $myrow[0]); //$tmp_rowid = $src_ip . "_" . $dst_ip; //echo ' <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">'; //echo ' <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '"></TD>'; /* Check for a NULL IP which indicates an event (e.g. portscan) * which has no IP */ qroPrintEntry(BuildIDMLink($currentIP, $field, $source) . $currentIP . '</A> ', 'center', 'middle', 'nowrap'); /* Print # of Occurances */ $tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1'; $tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&sort_order=occur_d'; $url_criteria = BuildIDMVars($currentIP, $field, $source); qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)), 'center', 'middle'); qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . Util::number_format_locale($num_events, 0) . '</A>', 'center', 'middle'); qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria . '">' . Util::number_format_locale($num_sig, 0) . '</A>', 'center', 'middle'); qroPrintEntry(Util::number_format_locale($num_ip, 0), 'center', 'middle'); qroPrintEntryFooter(); ++$i; } $result->baseFreeRows(); $qro->PrintFooter(); $qs->PrintBrowseButtons(); $qs->PrintAlertActionButtons(); $qs->SaveState(); ExportHTTPVar("addr_type", $addr_type); echo "\n</FORM>\n<br>"; $et->Mark("Get Query Elements");