function load_entities($dbconn)
{
$entities = Acl::get_entities_to_assign($dbconn);
foreach ($entities as $entity => $name) {
$json_entities .= '{ "txt":"' . utf8_encode($name) . '", "id": "e_' . $entity . '", "desc": "ENTITY:' . utf8_encode($name) . '"},';
}
return $json_entities;
}
function get_policy_entities($conn)
{
$entities = $entities_all = array();
$ctx_pro = '';
$entities_all = Acl::get_entities_to_assign($conn);
foreach ($entities_all as $k => $v) {
if (Acl::is_logical_entity($conn, $k)) {
$parent_id = Acl::get_logical_ctx_id($conn, $k);
$parent_id = $parent_id[0];
// first
$parent_name = Acl::get_entity_name($conn, $parent_id);
if (!empty($parent_id)) {
$entities[$parent_id] = $parent_name;
}
} else {
$entities[$k] = $v;
}
}
asort($entities);
$ctx_pro = array_shift(array_keys($entities));
return array($entities, $ctx_pro);
}
function ticket_form($action)
{
global $conn;
$users = Session::get_users_to_assign($conn);
if (Session::is_pro()) {
$entities = Acl::get_entities_to_assign($conn);
}
?>
<tr class="tticket">
<td colspan="2" class="nobborder"> </td>
</tr>
<tr class="tticket">
<th><label for="in_charge"><?php
echo _('In Charge:') . required();
?>
</label></th>
<td class="nobborder left">
<table cellspacing="0" cellpadding="0" class="transparent">
<tr>
<td class="nobborder">
<label for="transferred_user"><?php
echo _('User:'******'set_focus(this);' name="transferred_user" id="transferred_user" class="vfield" onchange="switch_user('user');return false;">
<?php
$num_users = 0;
foreach ($users as $k => $v) {
$login = $v->get_login();
$options .= "<option value='{$login}'" . ($action == $login ? " selected" : "") . ">{$login}</option>\n";
$num_users++;
}
if ($num_users == 0) {
echo "<option value='' style='text-align:center !important;'>- " . _("No users found") . "- </option>";
} else {
echo "<option value='' style='text-align:center !important;' selected='selected'>- " . _("Select one user") . " -</option>\n";
echo $options;
}
?>
</select>
</td>
<?php
if (!empty($entities)) {
?>
<td class="nobborder" nowrap='nowrap'>
<label for="transferred_entity" style='margin-right: 3px;'><?php
echo _('OR') . ' ' . _('Entity:');
?>
</label>
</td>
<td class="nobborder">
<select onfocus='set_focus(this);' name="transferred_entity" id="transferred_entity" class="vfield" onchange="switch_user('entity');return false;">
<?php
if (count($entities) == 0) {
echo "<option value='' style='text-align:center !important;'>- " . _('No entities found') . " -</option>";
} else {
echo "<option value='' style='text-align:center !important;'>- " . _('Select one entity') . " -</option>\n";
}
foreach ($entities as $k => $v) {
echo "<option value='{$k}'" . ($action == $k ? " selected" : "") . ">{$v}</option>";
}
?>
</select>
</td>
<?php
}
?>
</tr>
</table>
</td>
</tr>
<?php
}
function PrintBASESubHeader($page_title, $page_name, $back_link, $refresh = 0, $page = "")
{
global $db, $timetz, $debug_mode, $BASE_VERSION, $BASE_path, $BASE_urlpath, $html_no_cache, $max_script_runtime, $Use_Auth_System, $stat_page_refresh_time, $refresh_stat_page, $ossim_servers, $sensors, $hosts, $database_servers, $DBlib_path, $DBtype, $db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password, $entities;
if (ini_get("safe_mode") != true) {
set_time_limit($max_script_runtime);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php
echo gettext("iso-8859-1");
?>
"/>
<?php
if ($html_no_cache == 1) {
?>
<meta http-equiv="pragma" content="no-cache"/><?php
}
?>
<?php
if ($refresh == 1 && !$_SESSION['norefresh']) {
PrintFreshPage($refresh_stat_page, $stat_page_refresh_time);
}
?>
<!-- Included Styles -->
<link rel="stylesheet" type="text/css" href="/ossim/style/av_common.css?t=<?php
echo Util::get_css_id();
?>
"/>
<link rel="stylesheet" type="text/css" href="/ossim/style/analysis/security_events/security_events.css"/>
<link rel="stylesheet" type="text/css" href="/ossim/style/jquery-ui.css"/>
<link rel="stylesheet" type="text/css" href="/ossim/style/jquery.tag-it.css"/>
<!-- <link rel="stylesheet" type="text/css" href="/ossim/style/flexigrid.css"/> -->
<link rel="stylesheet" type="text/css" href="/ossim/style/jquery.autocomplete.css"/>
<link rel="stylesheet" type="text/css" href="/ossim/style/tipTip.css"/>
<link rel="stylesheet" type="text/css" href="/ossim/style/jslider.css"/>
<link rel="stylesheet" type="text/css" href="/ossim/style/jquery.switch.css"/>
<link rel="stylesheet" type="text/css" href="/ossim/style/datepicker.css"/>
<link rel="stylesheet" type="text/css" href="/ossim/style/jquery.dropdown.css"/>
<!-- Manual Styles -->
<style type="text/css">
#adv_search_button
{
margin:5px 0px 0px 0px;
width:239px;
}
#views table, #taxonomy table, #mfilters table, #report table {
background:none repeat scroll 0 0 #FAFAFA;
border:1px solid #BBBBBB;
color:black;
text-align:center;
-moz-border-radius:8px 8px 8px 8px;
padding: 2px;
}
#views table tr td, #taxonomy table tr td, #mfilters table tr td, #report table tr td{
padding: 0;
}
#views table tr td input, #views table,
#taxonomy table tr td input, #taxonomy table,
#taxonomy table tr td input, #report table,
#mfilters table tr td input, #mfilters table
{
font-size: 0.9em;
line-height: 0.5em;
}
#views table tr td ul{
padding: 0px;
}
#views table tr td ul li{
padding: 0px 0px 0px 12px;
list-style-type: none;
text-align: left;
margin: 0px;
clear:left;
position: relative;
height: 23px;
line-height: 1em;
}
.margin0
{
margin: 0px;
}
.left_np
{
text-align: left;
}
.par{
background: #f2f2f2;
}
.impar{
background: #fff;
}
.padding_right_5
{
padding: 0px 5px 0px 0px;
}
.padding_top_5
{
padding: 5px 0px 0px 0px;
}
.float_left
{
float: left;
}
.float_right
{
float: right;
}
#views table tr th, #taxonomy table tr th, #mfilters table tr th{
white-space:nowrap;
padding:1px 10px;
border: 1px solid #CCCCCC;
font-size: 11px;
color: #222222;
font-weight: bold;
text-align: center;
background: #E5E5E5;
background: -webkit-linear-gradient(#EFEFEF, #E5E5E5);
background: -moz-linear-gradient(#EFEFEF, #E5E5E5);
background: -o-linear-gradient(#EFEFEF, #E5E5E5);
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#EFEFEF', endColorstr='#E5E5E5');
}
#viewbox{
font-size: 1.5em;
margin: 0.5em;
}
#dhtmltooltip{
position: absolute;
width: 150px;
border: 2px solid black;
padding: 2px;
background-color: lightyellow;
visibility: hidden;
z-index: 100;
}
img{
vertical-align:middle;
}
small {
font:12px arial;
}
#maintable{
background-color: white;
}
#viewtable{
background-color: white;
}
.negrita { font-weight:bold; font-size:14px; }
.thickbox { color:gray; font-size:10px; }
.header{
line-height:28px; height: 28px; background: transparent url(../pixmaps/fondo_col.gif) repeat-x scroll 0% 0%; color: rgb(51, 51, 51); font-size: 12px; font-weight: bold; text-align:center;
}
.ne { color:black }
.gr { color:#999999 }
.disabled img {
filter:alpha(opacity=50);
-moz-opacity:0.5;
-khtml-opacity: 0.5;
opacity: 0.5;
}
td.head {
border:1px solid #CCCCCC;
background: #E5E5E5;
background: -webkit-linear-gradient(#EFEFEF, #e5e5e5);
background: -moz-linear-gradient(#EFEFEF, #e5e5e5);
background: -o-linear-gradient(#EFEFEF, #e5e5e5);
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#efefef', endColorstr='#e5e5e5');
font-size:14px;font-weight:bold;
color:#333333;
}
.left13 {
text-align:left;
font-size:13px;
}
ul.tagit
{
margin: 0px;
border:none;
}
.separated
{
border-spacing: 0px;
border-collapse: separated;
padding: 0px;
}
.separated td
{
padding: 4px 4px 4px 0px;
}
</style>
<!-- jQuery and Javascript -->
<!--[if IE]><script language="javascript" type="text/javascript" src="../js/jqplot/excanvas.js"></script><![endif]-->
<script type="text/javascript" src="../js/jquery.min.js"></script>
<script type="text/javascript" src="/ossim/js/jquery-ui.min.js"></script>
<script type="text/javascript" src="../js/greybox.js"></script>
<script type="text/javascript" src="../js/jquery.flot.pie.js" language="javascript"></script>
<script type="text/javascript" src="../js/jquery.bgiframe.min.js" language="javascript"></script>
<script type="text/javascript" src="../js/jquery.autocomplete.pack.js" language="javascript"></script>
<script type="text/javascript" src="../js/utils.js"></script>
<script type="text/javascript" src="../js/jquery.tipTip-ajax.js"></script>
<script type="text/javascript" src="../js/notification.js"></script>
<!-- jSlider -->
<script type="text/javascript" src="../js/jslider/jshashtable-2.1_src.js"></script>
<script type="text/javascript" src="../js/jslider/jquery.numberformatter-1.2.3.js"></script>
<script type="text/javascript" src="../js/jslider/tmpl.js"></script>
<script type="text/javascript" src="../js/jslider/jquery.dependClass-0.1.js"></script>
<script type="text/javascript" src="../js/jslider/draggable-0.1.js"></script>
<script type="text/javascript" src="../js/jslider/jquery.slider.js"></script>
<script type="text/javascript" src="../js/jquery.tag-it.js"></script>
<script type="text/javascript" src="../js/jquery.placeholder.js"></script>
<script type="text/javascript" src="../js/jquery.switch.js"></script>
<?php
$ipsearch = 1;
include "../host_report_menu.php";
?>
<!-- Javascript functions -->
<script type="text/javascript">
// ***** Variables *****
// Used in tooltips
var url = new Array(50);
// For greybox
var nogb = false;
// Used in calendar
var state = false;
// Selected Tab
var current_section = "<?php
echo preg_match("/base_timeline/", $_SERVER['SCRIPT_NAME']) ? "timeline" : (preg_match("/base_stat/", $_SERVER['SCRIPT_NAME']) && $_SERVER['SCRIPT_NAME'] != '/ossim/forensics/base_stat_ipaddr.php' ? "grouped" : "events");
?>
";
// ***** Functions *****
// Tooltip used in unique events plots
function showTooltip(x, y, contents, link) {
link = link.replace(".","");
link = link.replace(",","");
$('<div id="tooltip" class="tooltipLabel" onclick="load_link(\'' + url[link] + '&submit=Query DB\')"><a href="' + url[link] + '&submit=Query DB" style="font-size:10px;">' + contents + '</a></div>').css( {
position: 'absolute',
display: 'none',
top: y - 28,
left: x - 10,
border: '1px solid #ADDF53',
padding: '1px 2px 1px 2px',
'background-color': '#CFEF95',
opacity: 0.80
}).appendTo("body").fadeIn(200);
}
Array.prototype.in_array = function(p_val) {
for(var i = 0, l = this.length; i < l; i++) {
if(this[i] == p_val) {
return true;
}
}
return false;
}
// Auxiliary function for sensor input autocomplete
function mix_sensors(val) {
var sval = val.split(',');
if ($("#sensor").val() != "") var aval = $("#sensor").val().split(',');
else var aval = [];
var mixed = [];
var ind = 0;
for(var i = 0, l = sval.length; i < l; i++) {
if (aval.length>=0 || aval.in_array(sval[i])) // Before aval.length==0
mixed[ind++] = sval[i];
}
var str = "";
if (mixed.length > 0) {
str = mixed[0];
for(var i = 1, l = mixed.length; i < l; i++) {
str = str + ',' + mixed[i];
}
//alert($("#sensor").val()+" + "+val+" = "+str);
}
// return intersection
$("#sensor").val(str);
}
// Used to delete events in background
function bgtask() {
$.ajax({
type: "GET",
url: "base_bgtask.php",
data: "",
success: function(msg)
{
var redirection = false;
if (msg.match(/No pending tasks/))
{
// check if there was a pending task
if($("#task").is(":visible"))
{
var redirection = true;
}
if ($("#task").is(":visible")) $("#task").toggle();
__timeout = setTimeout("bgtask()",5000);
if(redirection)
{
<?php
// Refresh to Grouped by
if (preg_match('/base_stat_[^\\.]+.php/', $_SERVER['SCRIPT_NAME'])) {
$_current_url = $_SESSION["siem_default_group"] != "" ? $_SESSION["siem_default_group"] : $_SERVER['SCRIPT_NAME'] . "?sort_order=occur_d";
} else {
$_current_url = 'base_qry_main.php?num_result_rows=-1&submit=Query+DB¤t_view=-1';
}
?>
load_link('./<?php
echo $_current_url;
?>
');
}
}
else
{
if ($("#task").is(":hidden")) $("#task").toggle();
$("#task").html("<img style='border: none' src='./images/sandglass.png'> Deleting in background...");
__timeout = setTimeout("bgtask()",5000);
}
}
});
}
// Used in plot response
function SetIFrameSource(cid, url) {
var myframe = document.getElementById(cid);
if(myframe !== null) {
if(myframe.src){
myframe.src = url; }
else if(myframe.contentWindow !== null && myframe.contentWindow.location !== null){
myframe.contentWindow.location = url; }
else{ myframe.setAttribute('src', url); }
}
}
function show_search_tooltip()
{
var tooltip =
{
"<?php
echo _('Signature');
?>
" : 1,
"<?php
echo _('Payload');
?>
" : 1,
"<?php
echo _('Src or Dst IP');
?>
" : 1,
"<?php
echo _('Src IP');
?>
" : 1,
"<?php
echo _('Dst IP');
?>
" : 1,
"<?php
echo _('Src or Dst Host');
?>
" : 2,
"<?php
echo _('Src Host');
?>
" : 2,
"<?php
echo _('Dst Host');
?>
" : 2
}
var selected = $(this).val();
if (selected in tooltip)
{
var ul = $('<ul></ul>');
if (tooltip[selected] == 1)
{
$('<li></li>',
{
text: "<?php
echo _('Conjunction: ');
?>
'AND'"
}).appendTo(ul)
$('<li></li>',
{
text: "<?php
echo _('Disjunction: ');
?>
'OR'"
}).appendTo(ul)
}
$('<li></li>',
{
text: "<?php
echo _('Negation: ');
?>
'!'"
}).appendTo(ul)
var content = $('<div></div>',
{
id : "search_opt_tip",
text: "<?php
echo _('For this search option you can use the following operator(s) to perform complex searches:');
?>
"
})
content.append(ul)
$('#help_tooltip').removeData("tipTip").tipTip(
{
maxWidth: "300px",
content: content
}).show();
}
else
{
$('#help_tooltip').hide().tipTip('destroy');
}
}
function show_calendar()
{
$('#date_from').trigger('focus');
}
// Button more filters button action
function more_filters_toggle()
{
if ($('#more_filters').is(":visible"))
{
$('#more_filters').hide();
$('#more_filters_button').val("+ <?php
echo _("More Filters");
?>
");
}
else
{
$('#more_filters').show();
$('#more_filters_button').val("- <?php
echo _("More Filters");
?>
");
}
}
// Auxiliary format number for plot hovers
function formatNmb(nNmb){
var sRes = "";
for (var j, i = nNmb.length - 1, j = 0; i >= 0; i--, j++)
sRes = nNmb.charAt(i) + ((j > 0) && (j % 3 == 0)? "<?php
echo thousands_locale();
?>
": "") + sRes;
return sRes;
}
// [Events, Grouped, Timeline]
function load_section(section)
{
// Some layer changes when no page reload needed
if (section == "grouped")
{
$('#plot_option').hide();
$('#grouped_option').show();
}
if (section == "events")
{
$('#grouped_option').hide();
$('#plot_option').show();
}
if (section == "timeline")
{
$('#grouped_option').hide();
}
current_section = section;
$('#criteria_tagit').tagit(
{
onlyAllowDelete: true,
beforeTagRemoved: function(event, ui)
{
var url = $(ui.tag).data('info');
if(typeof url != 'undefined' && url != '')
{
load_link(url);
}
}
});
}
function load_link(url)
{
if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
document.location.href=url;
}
// Custom Views
// Get default view
<?php
require_once "ossim_conf.inc";
$conf = $GLOBALS["CONF"];
$idm_enabled = $conf->get_conf("enable_idm", FALSE) == 1 && Session::is_pro() ? true : false;
$login = Session::get_session_user();
$config = new User_config($db);
$default_view = $config->get($login, 'custom_view_default', 'php', "siem") != "" ? $config->get($login, 'custom_view_default', 'php', "siem") : ($idm_enabled ? 'IDM' : 'default');
?>
var default_view = "<?php
echo $default_view;
?>
";
function set_default_view(name) {
$('#view_star_'+name).attr('src', '../pixmaps/loading.gif');
$.ajax({
type: "GET",
url: "custom_view_save.php",
data: "name="+name+"&set_default=1",
success: function(msg) {
if (msg != "") {
alert(msg);
} else {
$('.view_star').attr('src', '../pixmaps/star-small-empty.png');
$('#view_star_'+name).attr('src', '../pixmaps/star-small.png');
default_view = name;
}
}
});
}
function change_view(view)
{
var url = "base_qry_main.php?num_result_rows=-1&submit=Query+DB¤t_view=-1&custom_view="+view;
load_link(url);
}
function save_view(id_img)
{
var img = $('#'+id_img).attr('src').split('/');
img = img[img.length-1];
var url = '../pixmaps/';
var src1='loading3.gif';
var src2='tick.png';
$('#'+id_img).attr('src', url+src1);
$.ajax({
type: "GET",
url: "custom_view_save.php",
data: "",
success: function(msg) {
$('#'+id_img).attr('src', url+src2);
setTimeout("($('#"+id_img+"').attr('src', '"+url+img+"'))",1000);
}
});
}
function delete_view(name)
{
$.ajax({
type: "GET",
url: "custom_view_delete.php",
data: "name="+name,
success: function(msg) {
if (msg != "") {
alert(msg);
} else {
var url = "base_qry_main.php?num_result_rows=-1&submit=Query+DB";
load_link(url);
}
}
});
}
// Greybox
//function GB_hide() { document.location.reload() }
//function GB_onclose() { nogb=false; }
function GB_onclose(url)
{
if (url.match(/otx|kdb|insertsid|shellcode/))
{
nogb=false;
return false;
}
if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
document.location.reload();
}
// Triggered by custom_view_edit.php when it creates or deletes
function GB_onhide(url, params)
{
if (url.match(/newincident/))
{
document.location.href="../incidents/index.php?m_opt=analysis&sm_opt=tickets&h_opt=tickets"
return false
}
if (typeof(params) == 'object' && typeof params['change_view'] != 'undefined')
{
change_view(params['change_view']);
return false
}
if (typeof(params) == 'object' && typeof params['url_detail'] != 'undefined')
{
if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
document.location.href = params['url_detail'];
return false
}
}
// Solera
function solera_deepsee (from,to,src_ip,src_port,dst_ip,dst_port,proto)
{
$('#solera_form input[name=from]').val(from);
$('#solera_form input[name=to]').val(to);
$('#solera_form input[name=src_ip]').val(src_ip);
$('#solera_form input[name=src_port]').val(src_port);
$('#solera_form input[name=dst_ip]').val(dst_ip);
$('#solera_form input[name=dst_port]').val(dst_port);
$('#solera_form input[name=proto]').val(proto);
GB_show_post('Solera DeepSee ™','#solera_form',300,600);
}
// Events grouping button click
function dsgroup_for_selected()
{
var idlist = "";
var sidlist = "";
$("input:checkbox:checked").each(function() {
if(this.className == "trlnks") {
if (idlist != "") idlist += ",";
if (sidlist != "") sidlist += ",";
idlist += this.getAttribute('pid');
sidlist += this.getAttribute('psid');
}
});
if (idlist != "" && sidlist != "") {
GB_show("<?php
echo _("Insert into existing DS Group");
?>
","/policy/insertsid.php?plugin_id="+idlist+"&plugin_sid="+sidlist,'650','65%');
}
}
function CheckSensor()
{
if ($('#sensor option:selected').val()!='')
{
if ($('#exclude').is(':checked'))
{
if ($('#sensor option:selected').text().match(/Context/))
{
$('#exclude').prop('checked',false);
}
else
{
$('#sensor option:selected').val('!' + $('#sensor option:selected').val());
}
}
}
}
function SetSensor(btn,clk)
{
$('#ctx').val('');
if (clk) // change combo box
{
if ($('#sensor option:selected').text().match(/Context/))
{
$('#exclude').prop('checked',false).prop('disabled',true);
$("#lexc").css('color','lightgray');
}
else
{
$('#exclude').prop('disabled',false);
$("#lexc").css('color','rgb(85,85,85)');
}
btn.click();
}
else // click exclude checkbox
{
if ($('#sensor option:selected').val()!='')
{
btn.click();
}
}
DisableContexts();
}
function DisableContexts()
{
if ($('#exclude').is(':checked'))
{
$('.ents').prop('disabled',true);
}
else
{
$('.ents').prop('disabled',false);
}
if ($('#sensor option:selected').text().match(/Context/))
{
$('#exclude').prop('checked',false).prop('disabled',true);
$("#lexc").css('color','lightgray');
}
}
// Top refresh link
function re_load()
{
if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
if (typeof(pag_reload)=='function')
{
pag_reload();
}
else
{
var href = document.location.href.replace("&nocache=1","");
document.location.href = href + "&nocache=1";
document.location.reload(false);
}
}
// Select all when DeleteAllOnScreen button click
function click_all(bt)
{
$("input[name^='action_chk_lst']").each(function() { $(this).attr('checked',true); });
$('#eqbtn'+bt).click()
}
// Group By selection
function group_selected(val)
{
// Reset
$('#group_button').hide();
$('#group_ip_select').css('display', 'none');
$('#group_hostname_select').css('display', 'none');
$('#group_username_select').css('display', 'none');
$('#group_port_select').css('display', 'none');
$('#group_proto_select').css('display', 'none');
// Second level
if (val.match("^ip"))
{
$('#group_ip_select').css('display', 'inline');
}
if (val.match("^hostname"))
{
$('#group_hostname_select').css('display', 'inline');
}
if (val.match("^username"))
{
$('#group_username_select').css('display', 'inline');
}
if (val.match("^port"))
{
$('#group_port_select').css('display', 'inline');
// Third level (Ports)
if ($('#group_port_select').find(":selected").val() != "portempty")
{
if (val.match("port(src|dst)") || val.match("proto") || $('#group_proto_select').find(":selected").val() != "")
{
$('#group_proto_select').css('display', 'inline');
}
}
}
// Show Group Button (All options are ready to go)
if (val == "signature"
|| val == "sensor"
|| val == "ptypes"
|| val == "otx"
|| val == "plugins"
|| val == "country"
|| val == "categories"
|| (val.match("^ip")
&& $('#groupby_ip').find(":selected").val() != "ipempty")
|| (val.match("^hostname")
&& $('#groupby_hostname').find(":selected").val() != "hostnameempty")
|| (val.match("^username")
&& $('#groupby_username').find(":selected").val() != "usernameempty")
|| (val.match("^port")
&& $('#group_port_select').find(":selected").val() != "portempty"
&& $('#group_proto_select').find(":selected").val() != "portprotoempty"))
{
$('#group_button').show();
}
}
// Group by go
function go_stats()
{
if ($('#groupby_1').val() == "ip")
{
if ($('#groupby_ip').val() == "iplink")
{
load_link("base_stat_iplink.php?sort_order=events_d&fqdn=no");
}
else if ($('#groupby_ip').val() == "iplink_fqdn")
{
load_link("base_stat_iplink.php?sort_order=events_d&fqdn=yes");
}
else if ($('#groupby_ip').val() == "ipsrc")
{
load_link("base_stat_uaddr.php?addr_type=1&sort_order=occur_d");
}
else if ($('#groupby_ip').val() == "ipdst")
{
load_link("base_stat_uaddr.php?addr_type=2&sort_order=occur_d");
}
else if ($('#groupby_ip').val() == "ipboth")
{
load_link("base_stat_uaddress.php?sort_order=occur_d");
}
}
else if ($('#groupby_1').val() == "hostname")
{
if ($('#groupby_hostname').val() == "hostnamesrc")
{
load_link("base_stat_uidmsel.php?addr_type=src_hostname&sort_order=occur_d");
}
else if ($('#groupby_hostname').val() == "hostnamedst")
{
load_link("base_stat_uidmsel.php?addr_type=dst_hostname&sort_order=occur_d");
}
else
{
load_link("base_stat_uidm.php?addr_type=hostname&sort_order=occur_d");
}
}
else if ($('#groupby_1').val() == "username")
{
if ($('#groupby_username').val() == "usernamesrc")
{
load_link("base_stat_uidmsel.php?addr_type=src_userdomain&sort_order=occur_d");
}
else if ($('#groupby_username').val() == "usernamedst")
{
load_link("base_stat_uidmsel.php?addr_type=dst_userdomain&sort_order=occur_d");
}
else
{
load_link("base_stat_uidm.php?addr_type=userdomain&sort_order=occur_d");
}
}
else if ($('#groupby_1').val() == "signature")
{
load_link("base_stat_alerts.php?sort_order=occur_d");
}
else if ($('#groupby_1').val() == "port")
{
if ($('#groupby_port').val() == "portsrc")
{
if ($('#groupby_proto').val() == "portprototcp")
{
load_link("base_stat_ports.php?sort_order=occur_d&port_type=1&proto=6");
}
else if ($('#groupby_proto').val() == "portprotoudp")
{
load_link("base_stat_ports.php?sort_order=occur_d&port_type=1&proto=17");
}
else if ($('#groupby_proto').val() == "portprotoany")
{
load_link("base_stat_ports.php?sort_order=occur_d&port_type=1&proto=-1");
}
}
else if ($('#groupby_port').val() == "portdst")
{
if ($('#groupby_proto').val() == "portprototcp")
{
load_link("base_stat_ports.php?sort_order=occur_d&port_type=2&proto=6");
}
else if ($('#groupby_proto').val() == "portprotoudp")
{
load_link("base_stat_ports.php?sort_order=occur_d&port_type=2&proto=17");
}
else if ($('#groupby_proto').val() == "portprotoany")
{
load_link("base_stat_ports.php?sort_order=occur_d&port_type=2&proto=-1");
}
}
}
else if ($('#groupby_1').val() == "sensor")
{
load_link("base_stat_sensor.php?sort_order=occur_d");
}
else if ($('#groupby_1').val() == "otx")
{
load_link("base_stat_otx.php?sort_order=occur_d");
}
else if ($('#groupby_1').val() == "ptypes")
{
load_link("base_stat_ptypes.php?sort_order=occur_d");
}
else if ($('#groupby_1').val() == "plugins")
{
load_link("base_stat_plugins.php?sort_order=occur_d");
}
else if ($('#groupby_1').val() == "country")
{
load_link("base_stat_country.php");
}
else if ($('#groupby_1').val() == "categories")
{
load_link("base_stat_categories.php?sort_order=occur_d");
}
}
// Postload action (call from host_report_menu.php)
function postload() {
if (typeof(DisableContexts)=='function')
{
DisableContexts();
}
if (typeof(parent.hide_overlay_spinner)=='function' && parent.is_loading_box())
{
parent.hide_overlay_spinner();
}
// Show spinner on form submit
$('#bsf, a.qlink').on('click',function(){
if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
});
$('#go_button').on('click',function()
{
if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
var sstr = $("#search_str").val();
var scombo = $("#search_type_combo").val();
if (sstr.match(/\!?\d+\.\d+\.\d+\.\d+/) && scombo == 'Signature')
{
$("#search_type_combo").val('Src or Dst IP');
}
});
// CAPTURE ENTER KEY
$("#search_str").bind("keydown", function(event) {
// track enter key
var keycode = (event.keyCode ? event.keyCode : (event.which ? event.which : event.charCode));
if (keycode == 13) { // keycode for enter key
$('#submit').val('<?php
echo _("Signature");
?>
');
$('#go_button').click();
return false;
} else {
return true;
}
});
// Top Graph Trend SWITCH
$('#trend_checkbox').toggles({
"text" : {
"on" : '<?php
echo _('On');
?>
',
"off" : '<?php
echo _('Off');
?>
'
},
"on" : false,
"width" : 50,
"height" : 18,
});
$('#trend_checkbox').on('toggle', function (e, status) {
if (status == true)
{
// Display trend
$('#iplot').toggle();
$('#loadingTrend').show();
SetIFrameSource('processframe','base_plot.php')
}
else
{
// Hide trend
$('#iplot').toggle();
}
});
// TOOLTIPS
$('.scriptinfo').tipTip({
defaultPosition: "right",
content: function (e) {
var ip = $(this).attr('data-title').replace(/\-.*/,'');
var ctx = $(this).attr('data-title').replace(/.*\-/,'');
$.ajax({
url: 'base_netlookup.php?ip=' + ip + ';' + ctx,
success: function (response) {
e.content.html(response); // the var e is the callback function data (see above)
}
});
return '<?php
echo _("Searching") . "...";
?>
'; // We temporary show a Please wait text until the ajax success callback is called.
}
});
$('.task_info').tipTip({
defaultPosition: "down",
delay_load: 100,
maxWidth: "auto",
edgeOffset: 3,
keepAlive:false,
content: function (e) {
$.ajax({
type: 'GET',
url: 'base_bgtask.php',
success: function (response) {
e.content.html(response); // the var e is the callback function data (see above)
}
});
return '<?php
echo _("Waiting status") . "...";
?>
'; // We temporary show a Please wait text until the ajax success callback is called.
}
});
$('.riskinfo').tipTip({
defaultPosition: "left",
content: function (e) {
return $(this).attr('txt')
}
});
$('.idminfo').tipTip({
defaultPosition: "top",
content: function (e) {
return $(this).attr('txt')
}
});
$('.scriptinfoimg').tipTip({
defaultPosition: "right",
content: function (e) {
return $(this).attr('txt')
}
});
$(".tztooltip").tipTip({
defaultposition: 'right',
content: function (e) {
return $(this).attr('txt')
}
});
$('.scriptinf').tipTip({
defaultPosition: "bottom",
content: function (e) {
return $(this).attr('txt')
}
});
$('.selectu').on('change',function(){
$('#extradatafield').attr('placeholder',$(this).val().ucwords()+' field');
});
if (typeof $('.selectu').val() != 'undefined')
{
$('#extradatafield').attr('placeholder',$('.selectu').val().ucwords()+' field');
}
$('#views_link').on('click',function(event)
{
event.stopPropagation();
$('#actions_dd').hide();
var diff = ($.browser.webkit && !(/chrome/.test(navigator.userAgent.toLowerCase()))) ? -3 : 0;
var vl = $('#views_link').offset();
var tt = vl.top + $('#views_link').outerHeight(true) + diff;
var ll = vl.left - $('#custom_views').outerWidth(true) + $('#views_link').outerWidth(false);
$('#custom_views').css({position: 'absolute', left: Math.floor(ll), top: Math.floor(tt)}).toggle();
return false;
});
$('#views_close').on('click',function()
{
$('#views').hide();
});
$('#actions_link').on('click',function(event)
{
event.stopPropagation();
$('#custom_views').hide();
var diff = ($.browser.webkit && !(/chrome/.test(navigator.userAgent.toLowerCase()))) ? -3 : 0;
var vl = $('#actions_link').offset();
var tt = vl.top + $('#actions_link').outerHeight(true) + diff;
var ll = vl.left - $('#actions_dd').outerWidth(true) + $('#actions_link').outerWidth(true) + diff;
$('#actions_dd').css({position: 'absolute', left: Math.floor(ll), top: Math.floor(tt)}).toggle();
return false;
});
// AUTOCOMPLETES
<?php
$db_aux = new ossim_db(true);
$conn_aux = $db_aux->connect();
// Purge or Restore backup action is running
list($backup_status, $backup_mode, $backup_progress) = Backup::is_running($conn_aux);
if ($backup_status > 0) {
?>
show_backup_status();
<?php
}
$ctx = $_GET["ctx"] != "" ? $_GET["ctx"] : $_SESSION["ctx"];
$ents = '';
if (Session::is_pro()) {
$my_entities = Session::am_i_admin() ? $entities : Acl::get_entities_to_assign($conn_aux);
foreach ($my_entities as $e_id => $e_name) {
if (Session::get_entity_type($conn_aux, $e_id) != 'context') {
continue;
}
$ents .= '<option class="ents" value="' . $e_id . '"' . ($ctx == $e_id ? ' selected' : '') . '>' . _('Context') . ': ' . Util::htmlentities($e_name) . '</option>';
}
}
$db_aux->close($conn_aux);
?>
$("#otx_pulse").autocomplete('/ossim/otx/providers/otx_pulse_autocomplete.php?type=event', {
minChars: 0,
width: 197,
max: 50,
matchContains: "word",
autoFill: false,
scroll: true,
formatItem: function(row, i, max, value)
{
return (value.split('###'))[1];
},
formatResult: function(data, value)
{
return (value.split('###'))[1];
}
}).result(function(event, item)
{
if (typeof(item) != 'undefined' && item != null)
{
var _aux_item = item[0].split('###');
var pulse_id = _aux_item[0];
$('#otx_activity').prop('checked', false);
$("#otx_pulse_value").val(pulse_id);
$("#bsf").click();
}
});
<?php
// AUTOCOMPLETE DEVICES
if (Session::is_pro()) {
?>
$("#device_input").autocomplete('base_devices.php', {
minChars: 0,
width: 197,
max: 50,
matchContains: "word",
autoFill: true,
scroll: true,
formatItem: function(row, i, max, value) {
return value;
},
formatResult: function(data, value)
{
return value;
}
}).result(function(event, item) {
if (typeof(item) != 'undefined' && item != null)
{
$("#device_input").val(item[0]);
$("#bsf").click();
}
});
<?php
}
?>
var dayswithevents = [ <?php
//echo GetDatesWithEvents($db)
?>
];
/* CALENDAR PLUGIN */
$('.date_filter').datepicker(
{
buttonText: "",
showOn: "both",
dateFormat: "yy-mm-dd",
buttonImage: "/ossim/pixmaps/calendar.png",
// Color of the cells
beforeShowDay: function ( date )
{
var classname = '';
var withevents = '';
// With-Events color
//var withevents = (dayswithevents.in_array(date.getTime())) ? ' evented-date' : ''
return [true, classname + withevents];
},
onClose: function(selectedDate)
{
// End date must be greater than the start date
if ($(this).attr('id') == 'date_from')
{
$('#date_to').datepicker('option', 'minDate', selectedDate );
}
else
{
$('#date_from').datepicker('option', 'maxDate', selectedDate );
}
var from = $('#date_from').val();
var to = $('#date_to').val();
if (from != '' && to != '')
{
var url = "&time_range=range&time_cnt=2&time%5B0%5D%5B0%5D=+&time%5B0%5D%5B1%5D=%3E%3D&time%5B0%5D%5B8%5D=+&time%5B0%5D%5B9%5D=AND&time%5B1%5D%5B1%5D=%3C%3D"
var f1 = from.split(/\-/);
url = url + '&time%5B0%5D%5B2%5D=' + f1[1]; // month
url = url + '&time%5B0%5D%5B3%5D=' + f1[2]; // day
url = url + '&time%5B0%5D%5B4%5D=' + f1[0]; // year
url = url + '&time%5B0%5D%5B5%5D=00&time%5B0%5D%5B6%5D=00&time%5B0%5D%5B7%5D=00';
var f2 = to.split(/\-/);
url = url + '&time%5B1%5D%5B2%5D=' + f2[1]; // month
url = url + '&time%5B1%5D%5B3%5D=' + f2[2]; // day
url = url + '&time%5B1%5D%5B4%5D=' + f2[0]; // year
url = url + '&time%5B1%5D%5B5%5D=23&time%5B1%5D%5B6%5D=59&time%5B1%5D%5B7%5D=59';
<?php
$uri = Util::htmlentities_url(Util::get_sanitize_request_uri($_SERVER['REQUEST_URI']));
$actual_url = str_replace("?clear_allcriteria=1&", "?", str_replace("&clear_allcriteria=1", "", $uri)) . (preg_match("/\\?.*/", $uri) ? "&" : "?");
?>
// Go
load_link('<?php
echo $actual_url;
?>
'+url);
}
}
});
$('.ndc').disableTextSelect();
// timeline
if (typeof load_tree == 'function') load_tree();
// timeline
if (typeof gen_timeline == 'function') gen_timeline();
// report
if (typeof parent.launch_form == 'function') parent.launch_form();
// trcellclk single and double click handle
var timeOut = 250;
var timeoutID = 0;
var ignoreSingleClicks = false;
var clink = null;
$('.trcellclk').on('click',function(){
if (!ignoreSingleClicks)
{
clink = $(this).data('link')+'&minimal_view=1&noback=1&pag=<?php
echo intval($_POST['submit']);
?>
';
clearTimeout(timeoutID);
timeoutID = setTimeout(
function(){
if (!nogb)
{
GB_show_nohide("<?php
echo _("Event details");
?>
",clink,'65%','85%');
}
}, timeOut);
}
}).on('dblclick',function(){
clearTimeout(timeoutID);
ignoreSingleClicks = true;
setTimeout(function() {
ignoreSingleClicks = false;
}, timeOut);
load_link('<?php
echo AV_MAIN_PATH;
?>
'+$(this).data('link')+'&noheader=true');
}).disableTextSelect();
// Some link handlers
$('a.trlnk,a.trlnka').each(function() {
$(this).click(function() {
nogb=true;
});
});
$('a.trlnks,input.trlnks').each(function() {
$(this).click(function() {
nogb=true;
setTimeout("nogb=false",1000);
});
});
$('.greybox').click(function(){
var t = this.title || $(this).text() || this.href;
GB_show(t,this.href, 550,'85%');
return false;
});
// Clean search box
$('#frm').submit(function() {
if ($('#search_str').attr('class') == "gr")
{
$('#search_str').val("");
}
});
// Risk slider
/*
$("#risk_slider").slider({
from: 1,
to: 5,
smooth: false,
callback: function( event, ui ) { alert('yeah'); }
});
*/
$('#more_filters_button').click(function(){
more_filters_toggle();
});
$('#adv_search_button').click(function(){
GB_show("<?php
echo _("Advanced Search");
?>
","/forensics/base_qry_form.php", 550, 900);
return false;
});
<?php
if ($_POST['gbhide'] == "1") {
?>
var params = new Array();
params['nostop'] = 1;
parent.GB_hide(params);
<?php
}
?>
// Select Section Tab
load_section(current_section);
if (current_section == 'grouped')
{
var selected_tab = 1;
}
else if (current_section == 'timeline')
{
var selected_tab = 2;
}
else
{
var selected_tab = 0;
}
/* Activating the tab plugin */
$("#tab_siem").tabs(
{
selected: selected_tab,
select: function(event, ui)
{
var action_id = $(ui.tab).data('action_id');
switch(action_id)
{
case 0:
load_section('events');
break;
case 1:
load_link('base_qry_main.php?submit=Query+DB');
break;
case 2:
load_link('<?php
echo $_SESSION["siem_default_group"] != "" ? $_SESSION["siem_default_group"] : "base_stat_alerts.php?sort_order=occur_d";
?>
');
break;
case 3:
load_section('timeline');
break;
case 4:
load_link('base_timeline.php');
break;
}
}
});
}
// Check backup status with interval while is running
function show_backup_status()
{
var form_data = 'action=status';
$.ajax({
type: 'GET',
url: '<?php
echo AV_MAIN_PATH;
?>
/backup/ajax/backup_actions.php',
dataType: 'json',
data: form_data,
success: function(data)
{
if (typeof(data) != 'undefined' && typeof(data.message) != 'undefined' && data.message != '')
{
var url = "<?php
echo Menu::get_menu_url(AV_MAIN_PATH . '/backup/index.php', 'configuration', 'administration', 'backups', 'backups_events');
?>
";
var backup_link = '<a href="' + url + '">' + data.message + '</a>';
var msg = 'A background task could be affecting to the performance<br/>' + backup_link;
show_notification(msg, 'backup_info', 'nf_warning', 'padding: 2px; width: 100%; margin: auto; text-align: left');
setTimeout('show_backup_status()', 10000);
}
else
{
$('#backup_info').html('');
}
}
});
}
function show_notification (msg, container, nf_type, style)
{
var nt_error_msg = (msg == '') ? '<?php
echo _('Sorry, operation was not completed due to an error when processing the request');
?>
' : msg;
var style = (style == '' ) ? 'width: 80%; text-align:center; padding: 5px 5px 5px 22px; margin: 20px auto;' : style;
var config_nt = { content: nt_error_msg,
options: {
type: nf_type,
},
style: style
};
var nt_id = 'nt_ns';
var nt = new Notification(nt_id, config_nt);
var notification = nt.show();
$('#'+container).html(notification);
}
function report_launcher(data,type) {
var url = '<?php
echo urlencode((preg_match("/\\?/", $_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : $_SERVER["REQUEST_URI"] . "?" . $_SERVER["QUERY_STRING"]) . "&export=1");
?>
';
var dates = '<?php
echo $y1 != "" ? "&date_from=" . urlencode("{$y1}-{$m11}-{$d1}") : "&date_from=";
echo $y2 != "" ? "&date_to=" . urlencode("{$y2}-{$m21}-{$d2}") : "&date_to=";
?>
';
GB_show("<?php
echo _("Report options");
?>
",'/forensics/report_launcher.php?url='+url+'&data='+data+'&type='+type+dates,200,'40%');
return false;
}
// bgtask check
<?php
if ($_SESSION["deletetask"] != "") {
echo "if (typeof __timeout == 'undefined' || !__timeout) bgtask();\n";
} else {
echo "// Not running";
}
?>
$(document).ready(function()
{
$('#search_type_combo').on('change', show_search_tooltip);
$('#search_type_combo').trigger('change');
$('.pholder').placeholder();
});
</script>
</head>
<body>
<?php
// Include search form, current criteria box, and stats box
if (!array_key_exists("minimal_view", $_GET) && !array_key_exists("noheader", $_GET)) {
include "base_header.php";
}
}
$users = Session::get_list($conn);
foreach ($users as $usr) {
$default_entities[$usr->get_login()] = $usr->get_name();
}
if (Session::is_pro()) {
//menu template list
list($templates, $num_templates) = Session::get_templates($conn);
if (count($templates) < 1) {
$templates[0] = array('id' => '', 'name' => '- No templates found -');
}
$menus = array();
foreach ($templates as $template) {
$menus[$template['id']] = $template['name'];
}
//Entity list
$entities_all = Acl::get_entities_to_assign($conn);
if (is_array($entities_all) && count($entities_all) > 0) {
$default_entities['optgroup2'] = _('Entities');
foreach ($entities_all as $k => $v) {
$default_entities[$k] = $v;
if (!Acl::is_logical_entity($conn, $k)) {
$entities[$k] = $v;
}
}
} else {
$entities[''] = '- ' . _('No entities found') . ' -';
}
asort($entities);
}
$CONFIG = array('Ossim Framework' => array('title' => Session::is_pro() ? _('USM Framework') : _('Ossim Framework'), 'desc' => _('PHP Configuration (graphs, acls, database api) and links to other applications'), 'advanced' => 1, 'section' => 'alarms', 'conf' => array('use_resolv' => array('type' => array('0' => _('No'), '1' => _('Yes')), 'help' => '', 'desc' => _('Resolve IPs'), 'section' => 'alarms', 'advanced' => 1), 'nfsen_in_frame' => array('type' => array('0' => _('No'), '1' => _('Yes')), 'help' => '', 'desc' => _('Open Remote Netflow in the same frame'), 'advanced' => 1), 'md5_salt' => array('type' => 'text', 'help' => '', 'desc' => _('MD5 salt for passwords'), 'advanced' => 1), 'internet_connection' => array('type' => array('0' => _('No'), '1' => _('Yes'), '2' => _('Force Yes')), 'help' => _("You can configure if you have an internet connection available so that you can load external libraries.<br/><ul><li>No: It will not load external libraries.</li><li>Yes: It will check if we have internet connection and if so, it will load external libraries.</li><li>Force Yes: It will always try to load external libraries.</li></ul>This option requires to login again."), 'desc' => _('Internet Connection Availability'), 'advanced' => 1))), 'Metrics' => array('title' => _('Metrics'), 'desc' => _('Configure metric settings'), 'advanced' => 0, 'section' => 'metrics', 'conf' => array('recovery' => array('type' => 'text', 'help' => '', 'desc' => _('Recovery Ratio'), 'advanced' => 0, 'section' => 'metrics'), 'def_asset' => array('type' => 'text', 'help' => '', 'desc' => _('Default Asset value'), 'advanced' => 0, 'section' => 'metrics'), 'server_logger_if_priority' => array('type' => array('0' => 0, '1' => 1, '2' => 2, '3' => 3, '4' => 4, '5' => 5), 'help' => _("Store in SIEM if event�s priority >= this value") . ",<br> " . _('CLI action required:') . ' ' . _('Maintenance & Troubleshooting->Restart System Services->Restart AlienVault Server Service'), 'desc' => _('Security Events process priority threshold'), 'advanced' => 1, 'section' => 'metrics', 'disabled' => Session::is_pro() ? 0 : 1))), 'Ossim Framework' => array('title' => Session::is_pro() ? _('USM Framework') : _('Ossim Framework'), 'desc' => _('PHP Configuration (graphs, acls, database api) and links to other applications'), 'advanced' => 1, 'section' => 'alarms', 'conf' => array('use_resolv' => array('type' => array('0' => _('No'), '1' => _('Yes')), 'help' => '', 'desc' => _('Resolve IPs'), 'section' => 'alarms', 'advanced' => 1), 'nfsen_in_frame' => array('type' => array('0' => _('No'), '1' => _('Yes')), 'help' => '', 'desc' => _('Open Remote Netflow in the same frame'), 'advanced' => 1), 'md5_salt' => array('type' => 'text', 'help' => '', 'desc' => _('MD5 salt for passwords'), 'advanced' => 1), 'internet_connection' => array('type' => array('0' => _('No'), '1' => _('Yes'), '2' => _('Force Yes')), 'help' => _("You can configure if you have an internet connection available so that you can load external libraries.<br/><ul><li>No: It will not load external libraries.</li><li>Yes: It will check if we have internet connection and if so, it will load external libraries.</li><li>Force Yes: It will always try to load external libraries.</li></ul>This option requires to login again."), 'desc' => _('Internet Connection Availability'), 'advanced' => 1), 'framework_https_cert_plain' => array('type' => 'textarea', 'help' => _('PEM encoded X.509 certificate. Cut and paste the certificate including the "----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" lines'), 'desc' => _('Web Server SSL Certificate (PEM format)'), 'advanced' => 1), 'framework_https_pem_plain' => array('type' => 'textarea', 'help' => _('PEM encoded private key. Cut and paste the private key including the "-----BEGIN RSA PRIVATE KEY-----" and "-----END RSA PRIVATE KEY-----" lines'), 'desc' => _('Web Server SSL Private Key (PEM format)'), 'advanced' => 1), 'framework_https_ca_cert_plain' => array('type' => 'textarea', 'help' => _('PEM encoded X.509 certificates. Cut and paste the certificates including the "----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" lines'), 'desc' => _('Web Server SSL CA Certificates (PEM format) <i>[optional]</i>'), 'advanced' => 1))), 'IDM' => array('title' => _('IDM'), 'desc' => _('Configure IDM settings'), 'advanced' => 1, 'section' => 'idm', 'conf' => array('idm_user_login_timeout' => array('type' => 'text', 'help' => _('If a user does not log in a host after # hours the IDM will not enrich the events with that user log in information. Set a default session timeout for IDM User Login events. Value 0 disables this feature. The server will be restarted.'), 'desc' => _('IDM user login timeout'), 'advanced' => 1, 'section' => 'idm'))), 'Backup' => array('title' => _('Backup'), 'desc' => _('Backup configuration: backup database, directory, interval'), 'advanced' => 0, 'section' => 'siem,alarms,raw_logs', 'conf' => array('backup_store' => array('type' => array('0' => _('No'), '1' => _('Yes')), 'help' => _('Enable/Disable SIEM Events database backup.<br/>The events out of active window will be stored in backup files'), 'desc' => _('Enable SIEM database backup'), 'advanced' => 1), 'frameworkd_backup_storage_days_lifetime' => array('type' => 'text', 'help' => _('Number of Backup files (One file per day of Siem events) are stored in hard-disk'), 'desc' => _('Number of Backup files to keep in the filesystem'), 'section' => 'siem', 'advanced' => 0), 'backup_day' => array('type' => 'text', 'help' => _('Number of days Siem events are stored in SQL Database<br/>(0 value means no backup)'), 'desc' => _('Events to keep in the Database (Number of days)'), 'section' => 'siem', 'advanced' => 0), 'backup_events' => array('type' => 'text', 'help' => _('Maximum number of events stored in SQL Database<br/>(0 value means no limit)'), 'desc' => _('Events to keep in the Database (Number of events)'), 'section' => 'siem', 'advanced' => 0), 'backup_hour' => array('type' => 'text', 'id' => 'backup_timepicker', 'help' => _('Backup start time in format HH:MM'), 'desc' => _('Backup start time'), 'advanced' => 0), 'backup_netflow' => array('type' => 'text', 'help' => _('Number of days to store flows on netflows for'), 'desc' => _('Active Netflow Window'), 'advanced' => 0), 'alarms_expire' => array('type' => array('yes' => _('Yes'), 'no' => _('No')), 'section' => 'alarms', 'help' => _('Keep alarms on database or expire by Lifetime value'), 'desc' => _('Alarms Expire'), 'onchange' => 'change_alarms_lifetime(this.value)', 'value' => $conf->get_conf('alarms_lifetime') > 0 ? 'yes' : 'no', 'advanced' => 0), 'alarms_lifetime' => array('type' => 'text', 'section' => 'alarms', 'id' => 'alarms_lifetime', 'help' => _('Number of days to keep alarms for (0 never expires)'), 'desc' => _('Alarms Lifetime'), 'style' => $conf->get_conf('alarms_lifetime') > 0 ? '' : 'color:gray', 'advanced' => 0), 'logger_expire' => array('type' => array('yes' => _('Yes'), 'no' => _('No')), 'section' => 'raw_logs', 'id' => 'logger_expiration', 'help' => _('Keep logs on Logger storage or expire by Lifetime value'), 'desc' => _('Logger Expiration'), 'onchange' => 'change_logger_lifetime(this.value)', 'value' => $conf->get_conf('logger_storage_days_lifetime') > 0 ? 'yes' : 'no', 'advanced' => 0, 'disabled' => Session::is_pro() ? 0 : 1), 'logger_storage_days_lifetime' => array('type' => 'text', 'section' => 'raw_logs', 'id' => 'logger_storage_days_lifetime', 'help' => _('Number of days to keep Logs for (0 never expires)'), 'desc' => _('Active Logger Window'), 'onchange' => 'check_logger_lifetime(this.value)', 'style' => $conf->get_conf('logger_storage_days_lifetime') > 0 ? '' : 'color:gray', 'advanced' => 0, 'disabled' => Session::is_pro() ? 0 : 1))), 'Vulnerability Scanner' => array('title' => _('Vulnerability Scanner'), 'desc' => _('Vulnerability Scanner configuration'), 'advanced' => 0, 'section' => 'vulnerabilities', 'conf' => array('nessus_user' => array('type' => 'text', 'help' => '', 'desc' => _('Scanner Login'), 'advanced' => 1, 'section' => 'vulnerabilities'), 'nessus_pass' => array('type' => 'password', 'help' => '', 'desc' => _('Scanner Password'), 'advanced' => 1, 'section' => 'vulnerabilities'), 'nessus_host' => array('type' => 'text', 'help' => _('Only for non distributed scans'), 'desc' => _('Scanner host'), 'advanced' => 1, 'section' => 'vulnerabilities'), 'nessus_port' => array('type' => 'text', 'help' => _('Defaults to port 9390'), 'desc' => _('Scanner port'), 'advanced' => 1, 'section' => 'vulnerabilities'), 'nessus_pre_scan_locally' => array('type' => array('0' => _('No'), '1' => _('Yes')), 'help' => _('Do not pre-scan from scanning sensor'), 'desc' => _('Enable Pre-Scan locally'), 'advanced' => 1, 'section' => 'vulnerabilities'), 'vulnerability_incident_threshold' => array('type' => array('1' => 'Info', '2' => 'Low', '5' => 'Medium', '6' => 'High', '11' => _('Disabled')), 'help' => _('Any vulnerability with a higher risk level than this value will automatically generate a vulnerability ticket.'), 'desc' => _('Vulnerability Ticket Threshold'), 'advanced' => 0, 'section' => 'vulnerabilities'))), 'User Log' => array('title' => _('User activity'), 'desc' => _('User action logging'), 'advanced' => 0, 'section' => 'userlog', 'conf' => array('session_timeout' => array('type' => 'text', 'help' => _('Expired timeout for current session in minutes. (0=unlimited)'), 'desc' => _('Session Timeout (minutes)'), 'advanced' => 0, 'section' => 'userlog'), 'user_life_time' => array('type' => 'text', 'help' => _('Expired life time for current user in days. (0=never expires)'), 'desc' => _('User Life Time (days)'), 'advanced' => 0, 'section' => 'userlog'), 'user_action_log' => array('type' => array('0' => _('No'), '1' => _('Yes')), 'help' => '', 'desc' => _('Enable User Log'), 'advanced' => 0, 'section' => 'userlog'), 'log_syslog' => array('type' => array('0' => _('No'), '1' => _('Yes')), 'help' => '', 'desc' => _('Log to syslog'), 'advanced' => 0, 'section' => 'userlog'), 'track_usage_information' => array('type' => array('0' => _('No'), '1' => _('Yes')), 'more' => sprintf(' <a href="%s" target="_blank" class="terms">%s</a>', '/ossim/av_routing.php?action_type=EXT_TRACK_USAGE_INFORMATION', _('Learn more')), 'help' => sprintf(_('Shares performance, usage, system and customization data about your deployment with AlienVault to help us make %s better'), $product), 'desc' => sprintf(_('Send anonymous usage statistics and system data to AlienVault to improve %s'), $product), 'advanced' => 0, 'section' => 'userlog'))), 'Login' => array('title' => _('Login methods/options'), 'desc' => _('Setup main login methods/options'), 'advanced' => 1, 'section' => 'users', 'conf' => array('remote_key' => array('type' => 'password', 'help' => _('To apply this change restart your session'), 'desc' => _('Remote login key'), 'advanced' => 1, 'section' => 'users'), 'login_enable_ldap' => array('type' => array('yes' => _('Yes'), 'no' => _('No')), 'help' => '', 'desc' => _('Enable LDAP for login'), 'advanced' => 1, 'section' => 'users'), 'login_ldap_server' => array('type' => 'text', 'help' => 'LDAP server IP or host name', 'desc' => _('LDAP server address'), 'advanced' => 1, 'section' => 'users'), 'login_ldap_port' => array('type' => 'text', 'help' => 'TCP port to connect LDAP server<br/>By default the port is 389 or 636 if you use SSL', 'id' => 'ldap_port', 'desc' => _('LDAP server port'), 'advanced' => 1, 'section' => 'users'), 'login_ldap_ssl' => array('type' => array('yes' => _('Yes'), 'no' => _('No')), 'help' => _('use LDAP server SSL?'), 'desc' => _('LDAP server SSL'), 'onchange' => 'change_ldap_port(this.value)', 'advanced' => 1, 'section' => 'users'), 'login_ldap_tls' => array('type' => array('yes' => _('Yes'), 'no' => _('No')), 'help' => _('use LDAP server with TLS?'), 'desc' => _('LDAP server TLS'), 'advanced' => 1, 'section' => 'users'), 'login_ldap_baseDN' => array('type' => 'text', 'help' => 'Example: dc=local,dc=domain,dc=net', 'desc' => _('LDAP server baseDN'), 'advanced' => 1, 'section' => 'users'), 'login_ldap_filter_to_search' => array('type' => 'text', 'help' => _('Filter to search the users for ossim in LDAP<br />Example for LDAP:<br/> (&(cn=%u)(objectClass=account)) <b>or</b> (uid=%u) <b>or</b> (&(cn=%u)(objectClass=OrganizationalPerson))<br/>Example for AD:<br/> (&(sAMAccountName=%u)(objectCategory=person)) <b>or</b> (userPrincipalName=%u) %u is the user'), 'desc' => _('LDAP server filter for LDAP users'), 'advanced' => 1, 'section' => 'users'), 'login_ldap_bindDN' => array('type' => 'text', 'help' => _('Account to search the user in LDAP <br/>Example: user@example.com'), 'desc' => _('LDAP Username'), 'advanced' => 1, 'section' => 'users'), 'login_ldap_valid_pass' => array('type' => 'password', 'help' => _('Password of Ldap Username'), 'desc' => _('LDAP password for Username'), 'advanced' => 1, 'section' => 'users'), 'login_ldap_require_a_valid_ossim_user' => array('type' => array('yes' => _('Yes'), 'no' => _('No')), 'help' => '', 'desc' => _('Require a valid ossim user for login?'), 'advanced' => 1, 'onchange' => Session::is_pro() ? 'change_ldap_need_user(this.value)' : '', 'section' => 'users'), 'login_create_not_existing_user_entity' => array('type' => $entities, 'help' => '', 'id' => 'user_entity', 'desc' => _('Entity for new user'), 'advanced' => 1, 'section' => 'users'), 'login_create_not_existing_user_menu' => array('type' => $menus, 'help' => '', 'id' => 'user_menu', 'desc' => _('Menus for new user'), 'advanced' => 1, 'section' => 'users'))), 'Passpolicy' => array('title' => _('Password policy'), 'desc' => _('Setup login password policy options'), 'advanced' => 1, 'section' => 'users', 'conf' => array('pass_length_min' => array('type' => 'text', 'help' => _('Number (default = 7)'), 'desc' => _('Minimum password length'), 'advanced' => 1, 'section' => 'users'), 'pass_length_max' => array('type' => 'text', 'help' => _('Number (default = 32)'), 'desc' => _('Maximum password length'), 'advanced' => 1, 'section' => 'users'), 'pass_history' => array('type' => 'text', 'help' => _('Number (default = 0) -> 0 disable'), 'desc' => _('Password history'), 'advanced' => 1, 'section' => 'users'), 'pass_complex' => array('type' => array('yes' => _('Yes'), 'no' => _('No')), 'help' => _('3 of these group of characters -> lowercase, uppercase, numbers and special characters'), 'desc' => _('Complexity'), 'advanced' => 1, 'section' => 'users'), 'pass_expire_min' => array('type' => 'text', 'help' => _('The minimum password lifetime prevents users from circumventing') . '<br/>' . _('the requirement to change passwords by doing five password changes<br> in a minute to return to the currently expiring password. (0 to disable) (default 0)'), 'desc' => _('Minimum password lifetime in minutes'), 'advanced' => 1, 'section' => 'users'), 'pass_expire' => array('type' => 'text', 'help' => _('After these days the login ask for new password. (0 to disable) (default 0)'), 'desc' => _('Maximum password lifetime in days'), 'advanced' => 1, 'section' => 'users'), 'failed_retries' => array('type' => 'text', 'help' => _('Number of failed attempts prior to lockout'), 'desc' => _('Failed logon attempts'), 'advanced' => 1, 'section' => 'users'), 'unlock_user_interval' => array('type' => 'text', 'help' => _('Account lockout duration in minutes (0 = never auto-unlock)'), 'desc' => _('Account lockout duration'), 'advanced' => 1, 'section' => 'users'))), 'IncidentGeneration' => array('title' => _('Tickets'), 'desc' => _('Tickets parameters'), 'advanced' => 0, 'section' => 'tickets,alarms', 'conf' => array('alarms_generate_incidents' => array('type' => array('yes' => _('Yes'), 'no' => _('No')), 'help' => _('Enabling this option will lead to automatic ticket generation <br/>upon arrival of alarms.'), 'desc' => _('Open Tickets for new alarms automatically?'), 'section' => 'tickets,alarms', 'advanced' => 0), 'incidents_incharge_default' => array('type' => $default_entities, 'help' => _('The automatic ticket generation will use the selected in-charge user or entity. Admin user by default'), 'desc' => _('Automatic ticket generation default in-charge user/entity'), 'section' => 'tickets,alarms', 'advanced' => 0), 'tickets_send_mail' => array('type' => array('yes' => _('Yes'), 'no' => _('No')), 'help' => '', 'desc' => _('Send email notification'), 'section' => 'tickets', 'advanced' => 0), 'tickets_max_days' => array('type' => 'text', 'help' => '', 'desc' => _('Maximum days for email notification'), 'advanced' => 0, 'section' => 'tickets'), 'tickets_template_link' => array('type' => 'link', 'value' => "<a target='" . (POST('section') != '' || GET('section') != '' ? '_parent' : 'main') . "' href='/ossim/conf/emailtemplate.php'>" . _('Click here') . '</a>', 'help' => '', 'desc' => _('Email Template for tickets'), 'advanced' => 0, 'section' => 'tickets'))));
ksort($CONFIG);
function tab_discovery()
{
global $component, $uroles, $editdata, $scheduler, $username, $useremail, $dbconn, $disp, $enScanRequestImmediate, $enScanRequestRecur, $timeout, $smethod, $SVRid, $sid, $ip_list, $ip_exceptions_list, $schedule_type, $ROYEAR, $ROday, $ROMONTH, $time_hour, $time_min, $dayofweek, $dayofmonth, $sname, $user, $entity, $hosts_alive, $scan_locally, $version, $nthweekday, $semail, $not_resolve, $time_interval, $ssh_credential, $smb_credential, $net_id;
global $pluginOptions, $enComplianceChecks, $profileid;
$conf = $GLOBALS["CONF"];
$users = Session::get_users_to_assign($dbconn);
$entities_to_assign = Session::get_entities_to_assign($dbconn);
$pre_scan_locally_status = $conf->get_conf("nessus_pre_scan_locally");
$user_selected = $user;
$entity_selected = $entity;
$SVRid_selected = $SVRid;
$sid_selected = $sid != "" ? $sid : $editdata['meth_VSET'];
$timeout_selected = $editdata["meth_TIMEOUT"];
$ip_list_selected = str_replace("\\r\\n", "\n", str_replace(";;", "\n", $ip_list));
if (count($ip_exceptions_list) > 0) {
$ip_list_selected .= "\n" . implode("\n", $ip_exceptions_list);
}
$ROYEAR_selected = $ROYEAR;
$ROday_selected = $ROday;
$ROMONTH_selected = $ROMONTH;
$time_hour_selected = $time_hour;
$time_min_selected = $time_min;
$dayofweek_selected = $dayofweek;
$dayofmonth_selected = $dayofmonth;
$sname_selected = $sname;
if (preg_match("/^[a-f\\d]{32}\$/i", $net_id)) {
// Autofill new scan job from deployment
if (Asset_net::is_in_db($dbconn, $net_id)) {
$sname_selected = Asset_net::get_name_by_id($dbconn, $net_id);
$schedule_type = "M";
$ip_list = array();
$nips = explode(",", Asset_net::get_ips_by_id($dbconn, $net_id));
foreach ($nips as $nip) {
$ip_list[] = $net_id . "#" . trim($nip);
}
}
}
if ($schedule_type != "") {
$editdata['schedule_type'] = $schedule_type;
}
$cquery_like = "";
if ($component != "") {
$cquery_like = " AND component='{$component}'";
}
$today = date("Ymd");
$tyear = substr($today, 0, 4);
$nyear = $tyear + 1;
$tmonth = substr($today, 4, 2);
$tday = substr($today, 6, 2);
#SET VALUES UP IF EDIT SCHEDULER
if (isset($editdata['notify'])) {
$enotify = $editdata['notify'];
} else {
$enotify = "{$useremail}";
}
if (isset($editdata['time'])) {
list($time_hour, $time_min, $time_sec) = split(':', $editdata['time']);
$tz = Util::get_timezone();
$time_hour = $time_hour + $tz;
}
$arrTypes = array("N", "O", "D", "W", "M", "NW");
foreach ($arrTypes as $type) {
$sTYPE[$type] = "";
}
$arrJobTypes = array("C", "M", "R", "S");
foreach ($arrJobTypes as $type) {
$sjTYPE[$type] = "";
}
if (isset($editdata['schedule_type'])) {
$sTYPE[$editdata['schedule_type']] = "selected='selected'";
if ($editdata['schedule_type'] == 'D') {
$ni = 2;
} elseif ($editdata['schedule_type'] == 'O') {
$ni = 3;
} elseif ($editdata['schedule_type'] == 'W') {
$ni = 4;
} elseif ($editdata['schedule_type'] == 'NW') {
$ni = 6;
} else {
$ni = 5;
}
$show = "<br><script language=javascript>showLayer('idSched', {$ni});</script>";
} else {
if ($enScanRequestImmediate) {
$sTYPE['N'] = "selected='selected'";
$show = "<br><script language=javascript>showLayer('idSched', 1);</script>";
} else {
$sTYPE['O'] = "selected='selected'";
$show = "<br><script language=javascript>showLayer('idSched', 3);</script>";
}
}
if ($schedule_type != "") {
if ($schedule_type == "N") {
$show .= "<br><script language=javascript>showLayer('idSched', 1);</script>";
}
if ($schedule_type == "O") {
$show .= "<br><script language=javascript>showLayer('idSched', 3);</script>";
}
if ($schedule_type == "D") {
$show .= "<br><script language=javascript>showLayer('idSched', 2);</script>";
}
if ($schedule_type == "W") {
$show .= "<br><script language=javascript>showLayer('idSched', 4);</script>";
}
if ($schedule_type == "M") {
$show .= "<br><script language=javascript>showLayer('idSched', 5);</script>";
}
if ($schedule_type == "NW") {
$show .= "<br><script language=javascript>showLayer('idSched', 6);</script>";
}
}
if (isset($editdata['job_TYPE'])) {
$sjTYPE[$editdata['job_TYPE']] = "SELECTED";
} else {
$sjTYPE['M'] = "SELECTED";
}
if (isset($editdata['day_of_month'])) {
$dayofmonth = $editdata['day_of_month'];
}
if (isset($editdata['day_of_week'])) {
$day[$editdata['day_of_week']] = "SELECTED";
}
if ($dayofweek_selected != "") {
$day[$dayofweek_selected] = "SELECTED";
}
if (!$uroles['nessus']) {
$name = "sr-" . substr($username, 0, 6) . "-" . time();
$name = $editdata['name'] == "" ? $name : $editdata['name'];
$nameout = $name . "<input type=hidden style='width:210px' name='sname' value='{$name}'>";
} else {
$nameout = "<input type=text style='width:210px' name='sname' value='" . ($sname_selected != "" ? "{$sname_selected}" : "{$editdata['name']}") . "'>";
}
$discovery = "<input type=\"hidden\" name=\"save_scan\" value=\"1\">";
$discovery .= "<input type=\"hidden\" name=\"cred_type\" value=\"N\">";
$discovery .= "<table width=\"80%\" cellspacing=\"4\">";
$discovery .= "<tr>";
$discovery .= "<input type=\"hidden\" name=\"smethod\" value=\"{$smethod}\">";
$discovery .= "<td width=\"25%\" class='job_option'>" . Util::strong(_("Job Name") . ":") . "</td>";
$discovery .= "<td style=\"text-align:left;\">{$nameout}</td>";
$discovery .= "</tr>";
list($sensor_list, $total) = Av_sensor::get_list($dbconn);
$discovery .= "<tr>";
$discovery .= "<td class='job_option'>" . Util::strong(_("Select Server") . ":") . "</td>";
$discovery .= "<td style='text-align:left;'><select id='SVRid' style='width:212px' name='SVRid'>";
$discovery .= "<option value='Null'>" . _("First Available Server-Distributed") . "</option>";
foreach ($sensor_list as $_sensor_id => $sensor_data) {
if (intval($sensor_data['properties']['has_vuln_scanner']) == 1) {
$discovery .= "<option value=\"{$_sensor_id}\" ";
if ($editdata['email'] == $_sensor_id || $editdata['scan_ASSIGNED'] == $_sensor_id) {
$discovery .= " SELECTED";
}
if ($SVRid_selected == $_sensor_id) {
$discovery .= " SELECTED";
}
$discovery .= ">" . strtoupper($sensor_data['name']) . " [" . $sensor_data['ip'] . "] </option>";
}
}
$discovery .= <<<EOT
</select>
</td>
</tr>
<tr>
EOT;
$discovery .= "<td class='job_option'>" . Util::strong(_("Profile") . ":") . "</td>";
$discovery .= "<td style='text-align:left;'><select name='sid'>";
$query = "";
if ($username == "admin" || Session::am_i_admin()) {
$query = "SELECT distinct(t1.id), t1.name, t1.description \n FROM vuln_nessus_settings t1 WHERE deleted='0'\n ORDER BY t1.name";
} else {
if (Session::is_pro()) {
$users_and_entities = Acl::get_entities_to_assign($dbconn);
if (Acl::am_i_proadmin()) {
$users = Acl::get_my_users($dbconn, Session::get_session_user());
foreach ($users as $us) {
$users_and_entities[$us->get_login()] = $us->get_login();
}
$owner_list['0'] = '0';
$owner_list = array_keys($users_and_entities);
$owner_list = implode("','", $owner_list);
$query = "SELECT distinct(t1.id), t1.name, t1.description FROM vuln_nessus_settings t1\n WHERE deleted = '0' and (name='Default' or owner in ('" . $owner_list . "')) ORDER BY t1.name";
} else {
$owner_list['0'] = '0';
$owner_list[$username] = $username;
$owner_list = array_keys($users_and_entities);
$owner_list[] = Session::get_session_user();
$owner_list = implode("','", $owner_list);
$user_where = "owner in ('" . $owner_list . "')";
$query = "SELECT distinct(t1.id), t1.name, t1.description FROM vuln_nessus_settings t1\n WHERE deleted = '0' and (name='Default' or {$user_where}) ORDER BY t1.name";
}
} else {
$query = "SELECT distinct(t1.id), t1.name, t1.description FROM vuln_nessus_settings t1\n WHERE deleted = '0' and (name='Default' or owner in ('0','{$username}')) ORDER BY t1.name";
}
}
$dbconn->SetFetchMode(ADODB_FETCH_BOTH);
$result = $dbconn->execute($query);
$job_profiles = array();
$id_found = false;
$ipr = 0;
while (!$result->EOF) {
list($sid, $sname, $sdescription) = $result->fields;
if ($sid_selected == $sid) {
$id_found = true;
}
$job_profiles[$ipr]["sid"] = $sid;
$job_profiles[$ipr]["sname"] = $sname;
$job_profiles[$ipr]["sdescription"] = $sdescription;
$ipr++;
$result->MoveNext();
}
foreach ($job_profiles as $profile_data) {
$sid = $profile_data["sid"];
$sname = $profile_data["sname"];
$sdescription = $profile_data["sdescription"];
$discovery .= "<option value=\"{$sid}\" ";
if ($sid_selected == $sid) {
if ($sdescription != "") {
$discovery .= "selected>{$sname} - {$sdescription}</option>";
} else {
$discovery .= "selected>{$sname}</option>";
}
} else {
if ($sdescription != "") {
$discovery .= (preg_match("/default/i", $sname) && !$id_found ? 'selected="selected"' : "") . ">{$sname} - {$sdescription}</option>";
} else {
$discovery .= (preg_match("/default/i", $sname) && !$id_found ? 'selected="selected"' : "") . ">{$sname}</option>";
}
}
}
$discovery .= "</select>  <a href=\"" . Menu::get_menu_url('settings.php', 'environment', 'vulnerabilities', 'scan_jobs') . "\">[" . _("EDIT PROFILES") . "]</a></td>";
$discovery .= "</tr>";
$discovery .= "<tr>";
$discovery .= "<td class='job_option' style='vertical-align: top;'><div>" . Util::strong(_("Schedule Method") . ":") . "</div></td>";
$discovery .= "<td style='text-align:left'><div><select name='schedule_type' id='scheduleM'>";
$discovery .= "<option value='N' {$sTYPE['N']}>" . _("Immediately") . "</option>";
$discovery .= "<option value='O' {$sTYPE['O']}>" . _("Run Once") . "</option>";
$discovery .= "<option value='D' {$sTYPE['D']}>" . _("Daily") . "</option>";
$discovery .= "<option value='W' {$sTYPE['W']}>" . _("Day of the Week") . "</option>";
$discovery .= "<option value='M' {$sTYPE['M']}>" . _("Day of the Month") . "</option>";
$discovery .= "<option value='NW' {$sTYPE['NW']}>" . _("N<sup>th</sup> weekday of the month") . "</option>";
$discovery .= "</select></div></tr>";
$smethods = array("O", "D", "W", "M", "NW");
$smethodtr_display = in_array($editdata['schedule_type'], $smethods) ? "" : "style='display:none'";
$discovery .= "<tr {$smethodtr_display} id='smethodtr'><td> </td>";
$discovery .= <<<EOT
</td>
<td><div>
<div id="idSched1" class="forminput">
</div>
EOT;
// div to select start day
$discovery .= "<div id=\"idSched8\" class=\"forminput\">";
$discovery .= "<table cellspacing=\"2\" cellpadding=\"0\" width=\"100%\">";
$discovery .= "<tr><th width='35%'>" . _("Begin in") . "</th><td class='noborder' nowrap='nowrap'>" . gettext("Year") . " <select name='biyear'>";
$discovery .= "<option value=\"{$tyear}\" selected>{$tyear}</option>";
$discovery .= "<option value=\"{$nyear}\" >{$nyear}</option>";
$discovery .= "</select> " . gettext("Month") . " <select name='bimonth'>";
for ($i = 1; $i <= 12; $i++) {
$discovery .= "<option value=\"{$i}\" ";
if ($i == $tmonth) {
$discovery .= "selected";
}
$discovery .= ">{$i}</option>";
}
$discovery .= "</select> " . gettext("Day") . " <select name=\"biday\">";
for ($i = 1; $i <= 31; $i++) {
$discovery .= "<option value=\"{$i}\" ";
if ($i == $tday) {
$discovery .= "selected";
}
$discovery .= ">{$i}</option>";
}
$discovery .= "</select></td>";
$discovery .= "</tr>";
$discovery .= "</table>";
$discovery .= "</div>";
$discovery .= <<<EOT
<div id="idSched3" class="forminput">
<table cellspacing="2" cellpadding="0" width="100%">
EOT;
$discovery .= "<tr><th width='35%'>" . _("Day") . "</th><td colspan='6' class='noborder' nowrap='nowrap'>" . gettext("Year") . " <select name='ROYEAR'>";
$discovery .= "<option value=\"{$tyear}\" " . ($ROYEAR_selected == "" || $ROYEAR_selected == $tyear ? "selected" : "") . ">{$tyear}</option>";
$discovery .= "<option value=\"{$nyear}\" " . ($ROYEAR_selected == $nyear ? "selected" : "") . ">{$nyear}</option>";
$discovery .= "</select> " . gettext("Month") . " <select name='ROMONTH'>";
for ($i = 1; $i <= 12; $i++) {
$discovery .= "<option value=\"{$i}\" ";
if ($i == $tmonth && $ROMONTH_selected == "" || $ROMONTH_selected == $i) {
$discovery .= "selected";
}
$discovery .= ">{$i}</option>";
}
$discovery .= "</select> " . gettext("Day") . " <select name=\"ROday\">";
for ($i = 1; $i <= 31; $i++) {
$discovery .= "<option value=\"{$i}\" ";
if ($i == $tday && $ROday_selected == "" || $ROday_selected == $i) {
$discovery .= "selected";
}
$discovery .= ">{$i}</option>";
}
$discovery .= <<<EOT
</select></td>
</tr>
</table>
</div>
<div id="idSched4" class="forminput" >
<table width="100%">
<tr>
EOT;
$discovery .= "<th align=\"right\" width=\"35%\">" . _("Weekly") . "</th><td colspan=\"2\" class=\"noborder\">";
$discovery .= "<select name=\"dayofweek\">";
$discovery .= "<option value=\"Su\" SELECTED >" . gettext("Select week day to run") . "</option>";
$discovery .= "<option value=\"Su\" {$day['Su']} >" . gettext("Sunday") . "</option>";
$discovery .= "<option value=\"Mo\" {$day['Mo']} >" . gettext("Monday") . "</option>";
$discovery .= "<option value=\"Tu\" {$day['Tu']} >" . gettext("Tuesday") . "</option>";
$discovery .= "<option value=\"We\" {$day['We']} >" . gettext("Wednesday") . "</option>";
$discovery .= "<option value=\"Th\" {$day['Th']} >" . gettext("Thursday") . "</option>";
$discovery .= "<option value=\"Fr\" {$day['Fr']} >" . gettext("Friday") . "</option>";
$discovery .= "<option value=\"Sa\" {$day['Sa']} >" . gettext("Saturday") . "</option>";
$discovery .= "</select>";
$discovery .= "</td>";
$discovery .= <<<EOT
</tr>
</table>
</div>
<div id="idSched5" class="forminput">
<table width="100%">
<tr>
EOT;
$discovery .= "<th width='35%'>" . gettext("Select Day") . "</td>";
$discovery .= <<<EOT
<td colspan="2" class="noborder"><select name="dayofmonth">"
EOT;
for ($i = 1; $i <= 31; $i++) {
$discovery .= "<option value=\"{$i}\"";
if ($dayofmonth == $i && $dayofmonth_selected == "" || $dayofmonth_selected == $i) {
$discovery .= " selected";
}
$discovery .= ">{$i}</option>";
}
$discovery .= <<<EOT
</select></td>
</tr>
</table>
</div>
<div id="idSched6" class="forminput">
<table width="100%">
<tr>
EOT;
$discovery .= "<th width=\"35%\">" . gettext("Day of week") . "</th><td colspan=\"2\" class=\"noborder\">";
$discovery .= "<select name=\"nthdayofweek\">";
$discovery .= "<option value=\"Su\" SELECTED >" . gettext("Select week day to run") . "</option>";
$discovery .= "<option value=\"Su\" {$day['Su']} >" . gettext("Sunday") . "</option>";
$discovery .= "<option value=\"Mo\" {$day['Mo']} >" . gettext("Monday") . "</option>";
$discovery .= "<option value=\"Tu\" {$day['Tu']} >" . gettext("Tuesday") . "</option>";
$discovery .= "<option value=\"We\" {$day['We']} >" . gettext("Wednesday") . "</option>";
$discovery .= "<option value=\"Th\" {$day['Th']} >" . gettext("Thursday") . "</option>";
$discovery .= "<option value=\"Fr\" {$day['Fr']} >" . gettext("Friday") . "</option>";
$discovery .= "<option value=\"Sa\" {$day['Sa']} >" . gettext("Saturday") . "</option>";
$discovery .= "</select>";
$discovery .= "</td>";
$discovery .= <<<EOT
</tr>
</table>
<br>
<table width="100%">
<tr>
EOT;
$discovery .= "<th align='right'>" . gettext("N<sup>th</sup> weekday") . "</th><td colspan='2' class='noborder'>";
$discovery .= "<select name='nthweekday'>";
$discovery .= "<option value='1'>" . gettext("Select nth weekday to run") . "</option>";
$discovery .= "<option value='1'" . ($dayofmonth == 1 ? " selected" : "") . ">" . gettext("First") . "</option>";
$discovery .= "<option value='2'" . ($dayofmonth == 2 ? " selected" : "") . ">" . gettext("Second") . "</option>";
$discovery .= "<option value='3'" . ($dayofmonth == 3 ? " selected" : "") . ">" . gettext("Third") . "</option>";
$discovery .= "<option value='4'" . ($dayofmonth == 4 ? " selected" : "") . ">" . gettext("Fourth") . "</option>";
$discovery .= "<option value='5'" . ($dayofmonth == 5 ? " selected" : "") . ">" . gettext("Fifth") . "</option>";
$discovery .= "<option value='6'" . ($dayofmonth == 6 ? " selected" : "") . ">" . gettext("Sixth") . "</option>";
$discovery .= "<option value='7'" . ($dayofmonth == 7 ? " selected" : "") . ">" . gettext("Seventh") . "</option>";
$discovery .= "<option value='8'" . ($dayofmonth == 8 ? " selected" : "") . ">" . gettext("Eighth") . "</option>";
$discovery .= "<option value='9'" . ($dayofmonth == 9 ? " selected" : "") . ">" . gettext("Ninth") . "</option>";
$discovery .= "<option value='10'" . ($dayofmonth == 10 ? " selected" : "") . ">" . gettext("Tenth") . "</option>";
$discovery .= <<<EOT
</select>
</td>
</tr>
</table>
</div>
EOT;
$discovery .= "<div id='idSched7' class='forminput' style=margin-bottom:3px;>";
$discovery .= "<table width='100%'>";
$discovery .= "<tr>";
$discovery .= "<th width='35%'>" . _("Frequency") . "</th>";
$discovery .= "<td width='100%' style='text-align:center;' class='nobborder'>";
$discovery .= "<span style='margin-right:5px;'>" . _("Every") . "</span>";
$discovery .= "<select name='time_interval'>";
for ($itime = 1; $itime <= 30; $itime++) {
$discovery .= "<option value='" . $itime . "'" . ($editdata['time_interval'] == $itime ? " selected" : "") . ">" . $itime . "</option>";
}
$discovery .= "</select>";
$discovery .= "<span id='days' style='margin-left:5px'>" . _("day(s)") . "</span><span id='weeks' style='margin-left:5px'>" . _("week(s)") . "</span>";
$discovery .= "</td>";
$discovery .= "</tr>";
$discovery .= "</table>";
$discovery .= "</div>";
$discovery .= <<<EOT
<div id="idSched2" class="forminput">
<table width="100%">
EOT;
$discovery .= "<tr>";
$discovery .= "<th rowspan='2' align='right' width='35%'>" . gettext("Time") . "</td>";
$discovery .= "<td align='right'>" . gettext("Hour") . "</td>";
$discovery .= <<<EOT
<td align="left" class="noborder"><select name="time_hour">
EOT;
for ($i = 0; $i <= 23; $i++) {
$discovery .= "<option value=\"{$i}\"";
if ($time_hour == $i && $time_hour_selected == "" || $time_hour_selected == $i) {
$discovery .= " selected";
}
$discovery .= ">{$i}</option>";
}
$discovery .= "</select></td><td align='right'>" . gettext("Minutes") . "</td>\n <td class='noborder' align='left'><select name='time_min'>";
for ($i = 0; $i < 60; $i = $i + 15) {
$discovery .= "<option value=\"{$i}\"";
if ($time_min == $i && $time_min_selected == "" || $time_min_selected == $i) {
$discovery .= " selected";
}
$discovery .= ">{$i}</option>";
}
$discovery .= <<<EOT
</select></td>
</tr>
</table>
</div>
</tr>
EOT;
$discovery .= "<tr>";
$discovery .= "\t\t<td class='madvanced'><a class='section'><img id='advanced_arrow' border='0' align='absmiddle' src='../pixmaps/arrow_green.gif'>" . _("ADVANCED") . "</a></td>";
$discovery .= "\t\t<td> </td>";
$discovery .= "</tr>";
if ($_SESSION["scanner"] == "omp") {
$credentials = Vulnerabilities::get_credentials($dbconn, 'ssh');
preg_match("/(.*)\\|(.*)/", $editdata["credentials"], $found);
$discovery .= "<tr class='advanced'>";
$discovery .= "<td class='job_option'>" . Util::strong(_("SSH Credential:")) . "</td>";
$discovery .= "<td style='text-align:left'><select id='ssh_credential' name='ssh_credential'>";
$discovery .= "<option value=''>--</option>";
foreach ($credentials as $cred) {
$login_text = $cred["login"];
if ($cred["login"] == '0') {
$login_text = _("All");
} elseif (valid_hex32($cred["login"])) {
$login_text = Session::get_entity_name($dbconn, $cred["login"]);
}
$selected = $found[1] == $cred["name"] . "#" . $cred["login"] || $cred["name"] . "#" . $cred["login"] == $ssh_credential ? " selected='selected'" : "";
$discovery .= "<option value='" . $cred["name"] . "#" . $cred["login"] . "' {$selected}>" . $cred["name"] . " (" . $login_text . ")</option>";
}
$discovery .= "</select></td>";
$discovery .= "</tr>";
$credentials = Vulnerabilities::get_credentials($dbconn, 'smb');
$discovery .= "<tr class='advanced'>";
$discovery .= "<td class='job_option'>" . Util::strong(_("SMB Credential:")) . "</td>";
$discovery .= "<td style='text-align:left'><select id='smb_credential' name='smb_credential'>";
$discovery .= "<option value=''>--</option>";
foreach ($credentials as $cred) {
$login_text = $cred["login"];
if ($cred["login"] == '0') {
$login_text = _("All");
} elseif (valid_hex32($cred["login"])) {
$login_text = Session::get_entity_name($dbconn, $cred["login"]);
}
$selected = $found[2] == $cred["name"] . "#" . $cred["login"] || $cred["name"] . "#" . $cred["login"] == $smb_credential ? " selected='selected'" : "";
$discovery .= "<option value='" . $cred["name"] . "#" . $cred["login"] . "' {$selected}>" . $cred["name"] . " (" . $login_text . ")</option>";
}
$discovery .= "</select></td>";
$discovery .= "</tr>";
}
$discovery .= "<tr class='job_option advanced'>";
$discovery .= "<td class='job_option'>" . Util::strong(_("Timeout:")) . "</td>";
$discovery .= "<td style=\"text-align:left;\" nowrap><input type='text' style='width:80px' name='timeout' value='" . ($timeout_selected == "" ? "{$timeout}" : "{$timeout_selected}") . "'>";
$discovery .= "<font color='black'> " . _("Max scan run time in seconds") . " </font></td>";
$discovery .= "</tr>";
$discovery .= "<tr class='advanced'><td class='job_option'>" . Util::strong(_("Send an email notification:"));
$discovery .= "</td>";
$discovery .= "<td style=\"text-align:left;\">";
$discovery .= "<input type=\"radio\" name=\"semail\" value=\"0\"" . (count($editdata) <= 1 && intval($semail) == 0 || intval($editdata['meth_Wfile']) == 0 ? " checked" : "") . "/>" . _("No");
$discovery .= "<input type=\"radio\" name=\"semail\" value=\"1\"" . (count($editdata) <= 1 && intval($semail) == 1 || intval($editdata['meth_Wfile']) == 1 ? " checked" : "") . "/>" . _("Yes");
$discovery .= "</td></tr>";
$discovery .= "<tr class='advanced'>\n\t\t\t\t\t\t<td class='job_option'>" . Util::strong(_("Scan job visible for:")) . "</td>\n\t\t\t\t\t\t<td style='text-align: left'>\n\t\t\t\t\t\t\t<table cellspacing='0' cellpadding='0' class='transparent' style='margin: 5px 0px;'>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td class='nobborder'><span style='margin-right:3px'>" . _('User:'******'nobborder'>\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t<select name='user' id='user' onchange=\"switch_user('user');return false;\">";
$num_users = 0;
foreach ($users as $k => $v) {
$login = $v->get_login();
$selected = $editdata["username"] == $login || $user_selected == $login ? "selected='selected'" : "";
$options .= "<option value='" . $login . "' {$selected}>{$login}</option>\n";
$num_users++;
}
if ($num_users == 0) {
$discovery .= "<option value='' style='text-align:center !important;'>- " . _("No users found") . " -</option>";
} else {
$discovery .= "<option value='' style='text-align:center !important;'>- " . _("Select one user") . " -</option>\n";
$discovery .= $options;
}
$discovery .= "\t\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t\t</td>";
if (!empty($entities_to_assign)) {
$discovery .= "\t \t\t\t<td style='text-align:center; border:none; !important'><span style='padding:5px;'>" . _("OR") . "<span></td>\n\t\t\t\t\t\t\t\t\t<td class='nobborder'><span style='margin-right:3px'>" . _("Entity:") . "</span></td>\n\t\t\t\t\t\t\t\t\t<td class='nobborder'>\t\n\t\t\t\t\t\t\t\t\t\t<select name='entity' id='entity' onchange=\"switch_user('entity');return false;\">\n\t\t\t\t\t\t\t\t\t\t\t<option value='' style='text-align:center !important;'>-" . _("Select one entity") . "-</option>";
foreach ($entities_to_assign as $k => $v) {
$selected = $editdata["username"] == $k || $entity_selected == $k ? "selected='selected'" : "";
$discovery .= "<option value='{$k}' {$selected}>{$v}</option>";
}
$discovery .= "\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t\t</td>";
}
$discovery .= " \t \t</tr>\n\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>";
$discovery .= "<tr><td valign=\"top\" width=\"15%\" class=\"job_option noborder\"><br>";
// conditions to exclude IPs
$condition1 = count($editdata) <= 1 && intval($hosts_alive) == 1 ? TRUE : FALSE;
$condition2 = preg_match('/' . EXCLUDING_IP2 . '/', trim($editdata["meth_TARGET"]));
$condition3 = intval($editdata['meth_CRED']) == 1 ? TRUE : FALSE;
$condition4 = count($ip_exceptions_list) > 0 ? TRUE : FALSE;
$host_alive_check = $condition1 || $condition2 || $condition3 || $condition4 ? ' checked' : '';
$host_alive_status = $condition2 || $condition4 ? ' disabled=\\"disabled\\"' : '';
$discovery .= "<input onclick=\"toggle_scan_locally()\" type=\"checkbox\" id=\"hosts_alive\" name=\"hosts_alive\" value=\"1\"" . $host_alive_check . $host_alive_status . ">" . Util::strong(_("Only scan hosts that are alive")) . "<br>(" . Util::strong(_("greatly speeds up the scanning process")) . ")<br><br>";
$discovery .= "<input type=\"checkbox\" id=\"scan_locally\" name=\"scan_locally\" value=\"1\"" . ($pre_scan_locally_status == 0 ? " disabled=\"disabled\"" : "") . ($pre_scan_locally_status == 1 && (intval($editdata['authorized']) == 1 || intval($scan_locally) == 1) ? " checked" : "") . ">" . Util::strong(_("Pre-Scan locally")) . "<br>(" . Util::strong(_("do not pre-scan from scanning sensor")) . ")<br><br>";
$discovery .= "<input type=\"checkbox\" id=\"not_resolve\" name=\"not_resolve\" value=\"1\" " . ($editdata['resolve_names'] === "0" || $not_resolve == "1" ? "checked=\"checked\"" : "") . "/>" . Util::strong(_("Do not resolve names"));
$discovery .= <<<EOT
</td>
EOT;
$discovery .= ' <td class="noborder" valign="top">';
$discovery .= ' <table width="100%" class="transparent" cellspacing="0" cellpadding="0">';
$discovery .= ' <tr>';
$discovery .= ' <td class="nobborder" style="vertical-align: top;text-align:left;padding:10px 0px 0px 0px;">';
$discovery .= ' <table class="transparent" cellspacing="4">';
$discovery .= ' <tr>';
$discovery .= ' <td class="nobborder" style="text-align:left;"><input class="greyfont" type="text" id="searchBox" value="' . _("Type here to search assets (Hosts/Networks)") . '" /></td>';
$discovery .= ' </tr>';
$discovery .= ' <tr>';
$discovery .= ' <td class="nobborder"><select id="targets" name="targets[]" multiple="multiple">';
if (!empty($editdata["meth_TARGET"])) {
$ip_list = explode("\n", trim($editdata["meth_TARGET"]));
}
if (!empty($ip_list)) {
foreach ($ip_list as $asset) {
if (preg_match("/([a-f\\d]+)#(.*)/i", $asset, $found)) {
if (Asset_host::is_in_db($dbconn, $found[1])) {
$_asset_name = Asset_host::get_name_by_id($dbconn, $found[1]) . " (" . $found[2] . ")";
} else {
$_asset_name = Asset_net::get_name_by_id($dbconn, $found[1]) . " (" . $found[2] . ")";
}
$discovery .= '<option value="' . $asset . '">' . $_asset_name . '</option>';
} else {
$discovery .= '<option value="' . $asset . '">' . $asset . '</option>';
}
}
foreach ($ip_exceptions_list as $asset) {
$discovery .= '<option value="' . $asset . '">' . $asset . '</option>';
}
}
$discovery .= ' </select></td>';
$discovery .= ' </tr>';
$discovery .= ' <tr>';
$discovery .= ' <td class="nobborder" style="text-align:right"><input type="button" value=" [X] " id="delete_target" class="av_b_secondary small"/>';
$discovery .= ' <input type="button" style="margin-right:0px;"value="Delete all" id="delete_all" class="av_b_secondary small"/></td>';
$discovery .= ' </tr>';
$discovery .= ' </table>';
$discovery .= ' </td>';
$discovery .= ' <td class="nobborder" width="450px;" style="vertical-align: top;padding:0px 0px 0px 5px;">';
$discovery .= ' <div id="vtree" style="text-align:left;width:100%;"></div>';
$discovery .= ' </td>';
$discovery .= ' </tr>';
$discovery .= ' </table>';
$discovery .= ' </td>';
$discovery .= '</tr>';
$discovery .= '</table>';
$discovery .= '</tr></td></table>';
$discovery .= $show;
return $discovery;
}
