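/**
 * Print the active search criteria as a list of removable tags and, for event
 * listings, store a plain-text summary of them as report data.
 *
 * Reads the global criteria set `$cs`. Each criterion with a non-empty
 * description becomes one `<li>` whose `data-info` attribute carries the URL
 * returned by `$cs->GetClearCriteriaUrl()` for that criterion.
 *
 * Output-encoding notes:
 *  - The criterion description is written into the page as markup, because the
 *    report code below strips `<a>`/`<br>` tags from the same strings.
 *    NOTE(review): that makes the criteria classes responsible for encoding
 *    any user-supplied filter value inside Description()/Description_light();
 *    confirm they do, otherwise a filter value is reflected unescaped here.
 *  - The clear-criteria URL is placed in a quoted attribute and is encoded for
 *    that context in this function.
 *
 * @return void Writes HTML to the output buffer.
 */
function PrintCriteria2()
{
    global $cs;

    $meta_keys = array(
        "sensor", "plugin", "plugingroup", "userdata", "sourcetype", "category",
        "sig", "time", "ossim_risk_a", "ossim_priority", "ossim_reliability",
        "ossim_asset_dst", "ossim_type", "device", "ctx", "idm_username",
        "idm_hostname", "idm_domain", "networkgroup", "hostid", "netid",
        "ip_addr", "ip_field", "rep", "otx", "tcp_port", "udp_port",
    );

    // data encoded as ascii exception: only listed when a payload filter is set
    if (!$cs->criteria['data']->isEmpty()) {
        $meta_keys[] = "data";
    }

    // Seed every bucket that is read further down, so an unused bucket is an
    // empty string instead of an undefined index.
    $criteria_report = array('meta' => '', 'payload' => '', 'ip' => '', 'layer4' => '');
    $criteria_arr = array();

    foreach ($meta_keys as $key) {
        $criterion = $cs->criteria[$key];
        $description = $criterion->Description();
        if ($description == "") {
            continue;
        }

        $name = method_exists($criterion, "Description_light")
            ? $criterion->Description_light()
            : $description;

        // get_criteria_main_type() is defined elsewhere; tolerate a bucket name
        // that was not seeded above.
        $c_type = get_criteria_main_type($key);
        if (!isset($criteria_report[$c_type])) {
            $criteria_report[$c_type] = '';
        }
        $criteria_report[$c_type] .= ($criteria_report[$c_type] != "") ? ", " . $name : $name;

        $url = $cs->GetClearCriteriaUrl($criterion->export_name);

        // Attribute context: encode quotes and angle brackets so the URL cannot
        // close the attribute. double_encode is off so a URL that already
        // carries entities such as &amp; is left unchanged.
        $safe_url = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

        $criteria_arr[] = '<li data-info="' . $safe_url . '">' . $name . '</li>';
    }

    // setlocale() accepts a list and applies the first locale that is available.
    setlocale(LC_TIME, array(
        gettext("eng_ENG.ISO8859-1"),
        gettext("eng_ENG.utf-8"),
        gettext("english"),
    ));

    // Report Data
    // Only event listings will store in datawarehouse report data
    if ($_SERVER['SCRIPT_NAME'] != "/ossim/forensics/base_stat_ipaddr.php") {
        // NOTE(review): the `\\ ` alternative in these patterns looks like the
        // residue of an HTML entity lost in extraction; as written here it
        // matches one literal whitespace character. Confirm against the
        // original file before relying on it.
        $r_meta = preg_replace("/\\<a (.*?)\\<\\/a\\>|\\ |,\\s+\$/i", "", preg_replace("/\\<br\\>/i", ", ", $criteria_report['meta']));
        $r_payload = preg_replace("/\\<a (.*?)\\<\\/a\\>|\\ /i", "", $criteria_report['payload']);
        $r_ip = preg_replace("/\\<a (.*?)\\<\\/a\\>|\\ /i", "", $criteria_report['ip']);
        $r_l4 = preg_replace("/\\<a (.*?)\\<\\/a\\>|\\ /i", "", $criteria_report['layer4']);

        $sections = array(
            array(_("META"), $r_meta),
            array(_("PAYLOAD"), $r_payload),
            array(_("IP"), $r_ip),
            array(_("LAYER 4"), $r_l4),
        );

        $report_data = array();
        foreach ($sections as $section) {
            // Fixed 14-column row: label, text, nine empty cells, three zeros.
            $report_data[] = array($section[0], strip_tags($section[1]), "", "", "", "", "", "", "", "", "", 0, 0, 0);
        }
        SaveCriteriaReportData($report_data);
    }

    // The query-string separators are written as &amp; so that "&curren" in
    // "&current_view" cannot be read as the currency-sign entity.
    ?>
    <div>
        <div>
            <div class='siem_form_clear'>
                <a href="base_qry_main.php?clear_allcriteria=1&amp;num_result_rows=-1&amp;submit=Query+DB&amp;current_view=-1&amp;sort_order=time_d" class="uppercase"><?php echo _("Clear Filters"); ?> </a>
                <a href="" onclick="re_load();return false"><img src="../pixmaps/forensic_refresh.png" border="0" class='siem_refresh_img'/></a>
            </div>
            <div class='clear_layer'></div>
        </div>
        <div>
            <ul id="criteria_tagit">
                <?php echo implode('', $criteria_arr); ?>

            </ul>
        </div>
    </div>
    <?php
}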
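/**
 * Print the "Current Search Criteria" table and store a plain-text summary of
 * the criteria as report data.
 *
 * For the LAST-X callers ("last_tcp", "last_udp", "last_icmp", "last_any") all
 * other criteria are ignored: a "Last N <proto> Event" label is appended to the
 * global `$save_criteria`, the result is echoed and the function returns.
 *
 * Otherwise the descriptions from the global criteria set `$cs` are collected
 * into four cells (meta, payload, ip, layer4), the global `$save_criteria` is
 * extended with table cells, the report rows are handed to
 * SaveCriteriaReportData() and the table is written out.
 *
 * Output-encoding note: the four cells are echoed as markup, because the report
 * code strips `<a>`/`<br>` tags from the same strings.
 * NOTE(review): that makes the criteria classes responsible for encoding any
 * user-supplied filter value inside Description(); confirm they do, otherwise a
 * filter value is reflected unescaped in this table. `$last_num_alerts` is also
 * concatenated into HTML as-is; presumably it is an integer count, verify at
 * the place it is assigned.
 *
 * @param string $caller Name of the calling view; selects the LAST-X shortcut.
 * @return void Writes HTML to the output buffer and modifies $save_criteria.
 */
function PrintCriteria($caller)
{
    global $cs, $last_num_alerts, $save_criteria;

    /* If printing any of the LAST-X stats then ignore all the other criteria */
    $last_x_labels = array(
        "last_tcp"  => ' TCP ',
        "last_udp"  => ' UDP ',
        "last_icmp" => ' ICMP ',
        "last_any"  => ' ',
    );
    // Exact string match: a non-string $caller never selects the shortcut.
    if (is_string($caller) && isset($last_x_labels[$caller])) {
        $save_criteria = $save_criteria . ' ';
        $save_criteria .= gettext("Last") . ' ' . $last_num_alerts . $last_x_labels[$caller] . gettext("Event");
        $save_criteria .= ' </TD></TR></TABLE>';
        echo $save_criteria;
        return;
    }

    // Placeholders shown when a cell has no filter.
    $any_html = '<I> ' . gettext("any") . ' </I>';
    $none_html = '<I> ' . gettext("none") . ' </I>';

    $criteria_arr = array();

    /* Meta ***************** */
    $meta_keys = array(
        'sensor', 'plugin', 'plugingroup', 'userdata', 'sourcetype', 'category',
        'sig', 'sig_class', 'sig_priority', 'ag', 'time', 'ossim_risk_a',
        'ossim_priority', 'ossim_reliability', 'ossim_asset_dst', 'ossim_type',
    );
    $criteria_arr['meta'] = '';
    foreach ($meta_keys as $key) {
        $criteria_arr['meta'] .= $cs->criteria[$key]->Description();
    }
    // Only the placeholder reaches $save_criteria; the meta descriptions
    // themselves are shown in the table cell only.
    if ($criteria_arr['meta'] == "") {
        $criteria_arr['meta'] .= $any_html;
        $save_criteria .= $any_html;
    }
    $save_criteria .= ' </TD>';
    $save_criteria .= '<TD>';

    /* IP ******************* */
    if (!$cs->criteria['ip_addr']->isEmpty() || !$cs->criteria['ip_field']->isEmpty() || !$cs->criteria['networkgroup']->isEmpty()) {
        $ip_desc = $cs->criteria['ip_addr']->Description() . $cs->criteria['ip_field']->Description();
        // The network group is shown in the table cell but not in $save_criteria.
        $criteria_arr['ip'] = $cs->criteria['networkgroup']->Description() . $ip_desc;
        $save_criteria .= $ip_desc;
    } else {
        $save_criteria .= $any_html;
        $criteria_arr['ip'] = $any_html;
    }
    $save_criteria .= ' </TD>';

    /* Layer 4 ************** */
    $save_criteria .= '<TD CLASS="layer4title">';
    $save_criteria .= $cs->criteria['layer4']->Description();
    $save_criteria .= '</TD><TD>';

    // Criteria that make up the layer-4 cell, per protocol.
    $layer4_fields = array(
        "TCP"   => array('tcp_port', 'tcp_flags', 'tcp_field'),
        "UDP"   => array('udp_port', 'udp_field'),
        "ICMP"  => array('icmp_field'),
        "RawIP" => array('rawip_field'),
    );
    $layer4 = $cs->criteria['layer4']->Get();

    if (is_string($layer4) && isset($layer4_fields[$layer4])) {
        $has_filter = false;
        foreach ($layer4_fields[$layer4] as $field) {
            if (!$cs->criteria[$field]->isEmpty()) {
                $has_filter = true;
                break;
            }
        }

        if ($has_filter) {
            $l4_desc = '';
            foreach ($layer4_fields[$layer4] as $field) {
                $l4_desc .= $cs->criteria[$field]->Description();
            }
            $criteria_arr['layer4'] = $l4_desc;
            $save_criteria .= $l4_desc;
        } else {
            $criteria_arr['layer4'] = $any_html;
            // The RawIP placeholder in $save_criteria carries wider padding
            // than the others; kept as found.
            $save_criteria .= ($layer4 === "RawIP")
                ? '<I>    ' . gettext("any") . ' </I>'
                : $any_html;
        }
        $save_criteria .= ' </TD>';
    } else {
        $criteria_arr['layer4'] = $none_html;
        $save_criteria .= $none_html . '</TD>';
    }

    /* Payload ************** */
    $save_criteria .= ' <TD>';
    if (!$cs->criteria['data']->isEmpty()) {
        $criteria_arr['payload'] = $cs->criteria['data']->Description();
        $save_criteria .= $criteria_arr['payload'];
    } else {
        $criteria_arr['payload'] = $any_html;
        $save_criteria .= $any_html;
    }
    $save_criteria .= ' </TD>';

    // setlocale() accepts a list and applies the first locale that is available.
    setlocale(LC_TIME, array(
        gettext("eng_ENG.ISO8859-1"),
        gettext("eng_ENG.utf-8"),
        gettext("english"),
    ));

    // Report Data
    // NOTE(review): the `\\ ` alternative in these patterns looks like the
    // residue of an HTML entity lost in extraction; as written here it matches
    // one literal whitespace character. Confirm against the original file
    // before relying on it.
    $r_meta = preg_replace("/\\<a (.*?)\\<\\/a\\>|\\ |,\\s+\$/i", "", preg_replace("/\\<br\\>/i", ", ", $criteria_arr['meta']));
    $r_payload = preg_replace("/\\<a (.*?)\\<\\/a\\>|\\ /i", "", $criteria_arr['payload']);
    $r_ip = preg_replace("/\\<a (.*?)\\<\\/a\\>|\\ /i", "", $criteria_arr['ip']);
    $r_l4 = preg_replace("/\\<a (.*?)\\<\\/a\\>|\\ /i", "", $criteria_arr['layer4']);

    $sections = array(
        array(_("META"), $r_meta),
        array(_("PAYLOAD"), $r_payload),
        array(_("IP"), $r_ip),
        array(_("LAYER 4"), $r_l4),
    );

    $report_data = array();
    foreach ($sections as $section) {
        // Fixed 14-column row: label, text, nine empty cells, three zeros.
        $report_data[] = array($section[0], strip_tags($section[1]), "", "", "", "", "", "", "", "", "", 0, 0, 0);
    }
    SaveCriteriaReportData($report_data);

    // The query-string separators are written as &amp; so that "&curren" in
    // "&current_view" cannot be read as the currency-sign entity.
    ?>
    <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH="100%">
    <TR>
    <TD style="padding-top:10px;padding-bottom:10px">
        <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH="100%">
        <TR><TD height="27" align="center" style="background:url('../pixmaps/fondo_col.gif') repeat-x;border:1px solid #CACACA">
            <table width="100%">
            <tr>
                <td width="60"></td>
                <td style="text-align:center;color:#333333;font-size:14px;font-weight:bold"> <?php echo _("Current Search Criteria"); ?> [<a href="base_qry_main.php?clear_allcriteria=1&amp;num_result_rows=-1&amp;submit=Query+DB&amp;current_view=-1&amp;sort_order=time_d" style="font-weight:normal;color:black">...<?php echo _("Clear All Criteria"); ?> ...</a>]</td>
                <td width="120" nowrap><a href="base_view_criteria.php" onclick="GB_show('<?php echo _("Current Search Criteria"); ?> ','base_view_criteria.php',420,600);return false"><img src="../pixmaps/arrow_green.gif" alt="" border="0"></img> <?php echo _("Show full criteria"); ?> <img src="../pixmaps/ui-scroll-pane-detail.png" border="0" alt="<?php echo _("View entire current search criteria"); ?> " title="<?php echo _("View entire current search criteria"); ?> "></img></a></td>
            </tr>
            </table>
        </TD>
        </TR>
        <TR>
        <TD style="border:1px solid #CACACA">
            <table cellpadding=0 cellspacing=0 border=0 WIDTH="100%">
            <tr>
                <th style="border-right:1px solid #CACACA;border-bottom:1px solid #CACACA;background-color:#eeeeee"><?php echo _("META"); ?> </th>
                <th style="padding-left:5px;padding-right:5px;border-right:1px solid #CACACA;border-bottom:1px solid #CACACA;background-color:#eeeeee"><?php echo _("PAYLOAD"); ?> </th>
                <th style="border-right:1px solid #CACACA;border-bottom:1px solid #CACACA;background-color:#eeeeee"> <?php echo _("IP"); ?> </th>
                <th style="padding-left:5px;padding-right:5px;border-bottom:1px solid #CACACA;background-color:#eeeeee" nowrap><?php echo _("LAYER 4"); ?> </th>
            </tr>
            <tr>
                <td align=center valign="top" style="border-right:1px solid #CACACA"><?php echo $criteria_arr['meta']; ?> </td>
                <td align=center valign="top" style="border-right:1px solid #CACACA"><?php echo $criteria_arr['payload']; ?> </td>
                <td align=center valign="top" style="border-right:1px solid #CACACA"><?php echo $criteria_arr['ip']; ?> </td>
                <td align=center valign="top"><?php echo $criteria_arr['layer4']; ?> </td>
            </tr>
            </table>
        </td>
        </tr>
        </table>
    </td>
    </tr>
    </table>
    <?php
}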