// NOTE(review): fragment of a larger if/else (the `if` branch opens before this
// view). This branch builds a 7-day trend for the "ossec%" plugin family.
list($data, $plugins) = SIEM_trends_week("ossec%");
$max = 7;
// One bucket per day, oldest first; keys of $data are "j M" day labels.
for ($i = $max - 1; $i >= 0; $i--) {
    $d = gmdate("j M", $timetz - 86400 * $i);
    $hours[] = $d;
    // Loose `!= ""` comparison; reading an absent day key presumably raises a notice — confirm SIEM_trends_week() fills every day.
    $trend[] = $data[$d] != "" ? $data[$d] : 0;
}
/*foreach ($data as $h => $v) { $hours[] = $h; $trend[] = ($v!="") ? $v : 0; } $max = count($hours);*/
// Forensics drill-down URL. The literal MM/DD tokens in the time fields are
// placeholders; presumably substituted by the chart's click handler — TODO confirm.
// NOTE(review): $plugins is appended to the query string without urlencode() — confirm it is always URL-safe.
$siem_url = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=day&time[0][0]=+&time[0][1]=>%3D&time[0][2]=MM&time[0][3]=DD&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=00&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=MM&time[1][3]=DD&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=23&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics&plugin=" . $plugins;
} else {
// Hourly SIEM vs. Logger trend (two series), $max buckets ending at $timetz.
// $max is assigned outside this view in this branch.
$js = "analytics_duo";
$data = SIEM_trends();
$data2 = Logger_trends();
for ($i = $max - 1; $i >= 0; $i--) {
    // Keys are "j Gh" (day-of-month, hour); the label keeps only the "Gh" part.
    $h = gmdate("j G", $timetz - 3600 * $i) . "h";
    $hours[] = preg_replace("/^\\d+ /", "", $h);
    $trend[] = $data[$h] != "" ? $data[$h] : 0;
    $trend2[] = $data2[$h] != "" ? $data2[$h] : 0;
}
// Drill-down URLs for today and for yesterday; HH is a placeholder for the
// clicked hour (presumably filled in client-side — TODO confirm).
$siem_url = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=day&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz) . "&time[0][3]=" . gmdate("d", $timetz) . "&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=HH&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $timetz) . "&time[1][3]=" . gmdate("d", $timetz) . "&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=HH&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics";
$siem_url_y = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=day&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz - 86400) . "&time[0][3]=" . gmdate("d", $timetz - 86400) . "&time[0][4]=" . gmdate("Y", $timetz - 86400) . "&time[0][5]=HH&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $timetz - 86400) . "&time[1][3]=" . gmdate("d", $timetz - 86400) . "&time[1][4]=" . gmdate("Y", $timetz - 86400) . "&time[1][5]=HH&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics";
}
// $empty = true;
?>
<body scroll="no" style="overflow:hidden;font-family:arial;font-size:11px">
<table id="data" style="display:none">
// NOTE(review): tail of a record-set loop whose start is outside this view.
// Per-signature drill-down link: "sig" filter is "plugin_id;sid" (";" URL-encoded as %3B).
// NOTE(review): $rg->fields["plugin_id"] and ["sid"] are concatenated without urlencode();
// fine if they are always numeric — confirm against the query that fills $rg.
$link = Menu::get_menu_url("/ossim/forensics/base_qry_main.php?clear_allcriteria=1&time_range=all&submit=Query+DB&sig_type=1&sig%5B0%5D=%3D&sig%5B1%5D=" . $rg->fields["plugin_id"] . "%3B" . $rg->fields["sid"] . "&sort_order=time_d&hmenu=Forensics&smenu=Forensics", 'analysis', 'security_events');
$links[] = $link;
$rg->MoveNext();
}
}
$hide_x_axis = TRUE;
$colors = get_widget_colors(count($data));
break;
case 'siemhours':
//Amount of hours to show in the widget.
// NOTE(review): $chart_info['range'] is used as the loop bound as-is; no check that it is a positive integer. Its origin is outside this view — confirm it is validated upstream.
$max = $chart_info['range'] == '' ? 16 : $chart_info['range'];
//Type of graph. In this case is the simple raphael.
$js = "analytics";
//Retrieving the data of the widget
// $fdate is the start of the oldest bucket ("Y-m-d H"), passed so the query is bounded to the window shown.
$fdate = gmdate("Y-m-d H", $timetz - 3600 * ($max - 1));
$values = SIEM_trends($max, $assets_filters, $fdate);
//Formatting the info into a generic format valid for the handler.
for ($i = $max - 1; $i >= 0; $i--) {
    $tref = $timetz - 3600 * $i;
    // Bucket key "j Gh"; the label drops the leading day-of-month.
    $h = gmdate("j G", $tref) . "h";
    $label[] = preg_replace("/\\d+ /", "", $h);
    // Loose `!= ""`; missing keys presumably raise a notice — confirm SIEM_trends() returns every hour.
    $data[] = $values[$h] != "" ? $values[$h] : 0;
    // Drill-down for exactly this hour (HH:00:00 .. HH:59:59 of $tref's day).
    $link = Menu::get_menu_url("/ossim/forensics/base_qry_main.php?clear_allcriteria=1&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $tref) . "&time[0][3]=" . gmdate("d", $tref) . "&time[0][4]=" . gmdate("Y", $tref) . "&time[0][5]=" . gmdate("H", $tref) . "&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $tref) . "&time[1][3]=" . gmdate("d", $tref) . "&time[1][4]=" . gmdate("Y", $tref) . "&time[1][5]=" . gmdate("H", $tref) . "&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics", 'analysis', 'security_events');
    // Link map keyed by the hour label without its leading zero ("7h", not "07h"), matching the labels above.
    $key = preg_replace('/^0/', '', gmdate("H", $tref) . 'h');
    $links[$key] = $link;
}
//Widget's links
$siem_url = $links;
$colors = "'#444444'";
//Message in case of empty widget.
$nodata_text = "No data available yet";
// NOTE(review): the two closing braces end a loop/conditional that opens outside this view.
}
}
$colors = get_widget_colors(count($data));
break;
case 'siemlogger':
//Amount of hours to show in the widget.
//$max = ($chart_info['range'] == '')? 16 : $chart_info['range'];
$max = 16; // Fixed at 16 for now; the configurable range (commented out above) is disabled.
//Type of graph. In this case is the simple raphael.
$js = "analytics_duo";
// Start of the oldest bucket, used to bound the SIEM query to the window shown.
$fdate = gmdate("Y-m-d H", $timetz - 3600 * ($max - 1));
//Retrieving the data of the widget
// SIEM series is only fetched when the user holds the EventsForensics menu permission;
// otherwise it stays empty and the widget renders zeros.
$trend1 = array();
if (Session::menu_perms("analysis-menu", "EventsForensics")) {
    $trend1 = SIEM_trends($max, $assets_filters, $fdate);
}
//Empty logger if any user perms over ctx, host, net
// Logger series additionally requires a pro installation and the ControlPanelSEM permission.
// $logger_last_date defaults to "now" and is overwritten by Logger_trends() when available.
$trend2 = array();
$logger_last_date = gmdate("YmdHis", $timetz);
if (Session::is_pro() && Session::menu_perms("analysis-menu", "ControlPanelSEM")) {
    list($trend2, $logger_last_date) = Logger_trends();
}
// NOTE(review): this loop body continues past the end of this view.
for ($i = $max - 1; $i >= 0; $i--) {
    $tref = $timetz - 3600 * $i;
    // Bucket key "j Gh"; label keeps only the hour part.
    $h = gmdate("j G", $tref) . "h";
    $lbl = preg_replace("/^\\d+ /", "", $h);
    $label[] = $lbl;
    // Loose `!= ""`; absent keys presumably raise a notice (e.g. when a series is empty for lack of permission) — confirm.
    $data1[] = $trend1[$h] != "" ? $trend1[$h] : 0;
    $data2[] = $trend2[$h] != "" ? $trend2[$h] : 0;
    $dates[] = gmdate("YmdHis", $tref);
// NOTE(review): tail of a record-set loop whose start is outside this view.
// NOTE(review): $rg->fields["name"] and ["category_id"] are emitted as-is; the link is wrapped in
// single quotes (presumably for a JS literal — confirm), so a quote in category_id would break out of it.
// Confirm both columns are escaped where rendered, or escape/urlencode here.
$label[] = $rg->fields["name"];
$links[] = "'{$forensic_link}&category%5B1%5D=&category%5B0%5D=" . $rg->fields["category_id"] . "'";
$rg->MoveNext();
}
}
$colors = get_widget_colors(count($data));
break;
case 'siemlogger':
//Amount of hours to show in the widget.
//$max = ($chart_info['range'] == '')? 16 : $chart_info['range'];
$max = 16; // Fixed at 16 for now; the configurable range (commented out above) is disabled.
//Type of graph. In this case is the simple raphael.
$js = "analytics_duo";
//Retrieving the data of the widget
// SIEM series only when the user holds the EventsForensics permission; otherwise an empty array.
$trend1 = Session::menu_perms("analysis-menu", "EventsForensics") ? SIEM_trends($max, $assets_filters) : array();
//Empty logger if any user perms over ctx, host, net
// Logger series additionally requires a pro installation and the ControlPanelSEM permission.
$trend2 = array();
if (Session::is_pro() && Session::menu_perms("analysis-menu", "ControlPanelSEM")) {
    $trend2 = Logger_trends();
}
for ($i = $max - 1; $i >= 0; $i--) {
    // Bucket key "j Gh"; label keeps only the hour part.
    $h = gmdate("j G", $timetz - 3600 * $i) . "h";
    $label[] = preg_replace("/^\\d+ /", "", $h);
    // Loose `!= ""`; absent keys presumably raise a notice when a series is empty — confirm.
    $data1[] = $trend1[$h] != "" ? $trend1[$h] : 0;
    $data2[] = $trend2[$h] != "" ? $trend2[$h] : 0;
}
// Two series: SIEM first, Logger second.
$data[] = $data1;
$data[] = $data2;
// Drill-down URLs (today / yesterday) quoted for the client side; HH is a placeholder
// for the clicked hour, presumably substituted by the handler — TODO confirm.
$siem_url = "'" . Menu::get_menu_url("/ossim/forensics/base_qry_main.php?clear_allcriteria=1&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz) . "&time[0][3]=" . gmdate("d", $timetz) . "&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=HH&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $timetz) . "&time[1][3]=" . gmdate("d", $timetz) . "&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=HH&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics", 'analysis', 'security_events') . "'";
$siem_url_y = "'" . Menu::get_menu_url("/ossim/forensics/base_qry_main.php?clear_allcriteria=1&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz - 86400) . "&time[0][3]=" . gmdate("d", $timetz - 86400) . "&time[0][4]=" . gmdate("Y", $timetz - 86400) . "&time[0][5]=HH&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $timetz - 86400) . "&time[1][3]=" . gmdate("d", $timetz - 86400) . "&time[1][4]=" . gmdate("Y", $timetz - 86400) . "&time[1][5]=HH&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics", 'analysis', 'security_events') . "'";
// NOTE(review): tail of a record-set loop whose start is outside this view.
$name = Util::signaturefilter($rg->fields["name"]);
// Truncate long labels to 25 bytes. NOTE(review): strlen/substr are byte-wise, so a
// multibyte name can be cut mid-character — consider mb_substr() if names may be non-ASCII.
$label[] = strlen($name) > 25 ? substr($name, 0, 25) . "..." : $name;
// Per-signature drill-down link: "sig" filter is "plugin_id;sid" (";" URL-encoded as %3B).
// NOTE(review): plugin_id and sid are concatenated without urlencode(); fine if always numeric — confirm.
$link = Menu::get_menu_url("/ossim/forensics/base_qry_main.php?clear_allcriteria=1&time_range=all&submit=Query+DB&sig_type=1&sig%5B0%5D=%3D&sig%5B1%5D=" . $rg->fields["plugin_id"] . "%3B" . $rg->fields["sid"] . "&sort_order=time_d&hmenu=Forensics&smenu=Forensics", 'analysis', 'security_events');
// Wrapped in single quotes, presumably for a JS literal on the client side — confirm.
$links[] = "'{$link}'";
$rg->MoveNext();
}
}
$colors = get_widget_colors(count($data));
break;
case 'siemhours':
//Amount of hours to show in the widget.
// NOTE(review): $chart_info['range'] is used as the loop bound as-is; no check that it is a positive integer. Its origin is outside this view — confirm it is validated upstream.
$max = $chart_info['range'] == '' ? 16 : $chart_info['range'];
//Type of graph. In this case is the simple raphael.
$js = "analytics";
//Retrieving the data of the widget
$values = SIEM_trends($max, $assets_filters);
//Formatting the info into a generic format valid for the handler.
for ($i = $max - 1; $i >= 0; $i--) {
    // Bucket key "j Gh"; the label drops the leading day-of-month.
    $h = gmdate("j G", $timetz - 3600 * $i) . "h";
    $label[] = preg_replace("/\\d+ /", "", $h);
    // Loose `!= ""`; absent keys presumably raise a notice — confirm SIEM_trends() returns every hour.
    $data[] = $values[$h] != "" ? $values[$h] : 0;
    // Drill-down for today's day; HH is a placeholder for the clicked hour. Note the same
    // date is used for every bucket here (unlike the per-bucket $tref variant of this case).
    $link = Menu::get_menu_url("/ossim/forensics/base_qry_main.php?clear_allcriteria=1&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz) . "&time[0][3]=" . gmdate("d", $timetz) . "&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=HH&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $timetz) . "&time[1][3]=" . gmdate("d", $timetz) . "&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=HH&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics", 'analysis', 'security_events');
    $links[] = "'{$link}'";
}
//Widget's links
// Only the first link is exposed; all entries are identical apart from nothing (same $timetz), so this is sufficient.
$siem_url = $links[0];
$colors = "'#444444'";
//Message in case of empty widget.
$nodata_text = "No data available yet";
break;
case 'siemdays':