function draw_hosts_by_nets_os($conn, $data) { global $empty_tree; $tree = array(); $os = $data['os']; $id = $data['net']; ossim_valid($os, "windows|linux", 'illegal:' . _("Operating System")); ossim_valid($id, OSS_HEX, 'illegal:' . _("Network")); if (ossim_error()) { ossim_clean_error(); return $empty_tree; } $prm = array('%"' . $os . '%'); if ($id == '0') { $id_sql = ' AND n.id IS NULL'; } else { $id_sql = ' AND n.id = UNHEX(?)'; $prm[] = $id; } $sql = "SELECT DISTINCT hex(h.id) AS id , h.hostname AS name\n FROM host_properties hp, host h\n LEFT JOIN host_net_reference hn ON hn.host_id=h.id\n LEFT JOIN net n ON n.id=hn.net_id\n WHERE h.id=hp.host_id AND hp.property_ref=3 AND hp.value LIKE ? {$id_sql}"; //Always cached $rs = $conn->CacheExecute($sql, $prm); if (!$rs || $rs->EOF) { return $empty_tree; } while (!$rs->EOF) { $tooltip = 'IPs: ' . Asset_host_ips::get_ips_to_string($conn, $rs->fields['id']); $_aux = array('key' => 'host_' . $rs->fields['id'], 'title' => $rs->fields['name'], 'isFolder' => FALSE, 'icon' => FALSE, 'type' => 'host', 'host_id' => $rs->fields['id'], 'tooltip' => $tooltip); $tree[] = $_aux; $rs->MoveNext(); } return $tree; }
$validation_errors = validate_form_fields('POST', $validate); //Extra validations if (empty($validation_errors['sensor_id']) && !Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) { $validation_errors['sensor_id'] = sprintf(_("Sensor %s not allowed. Please check with your account admin for more information"), Av_sensor::get_name_by_id($conn, $sensor_id)); } if (is_array($validation_errors) && !empty($validation_errors)) { $error_msg = "<div style='text-align: left;'>" . _('The following errors occurred') . ":</div>\n <div style='padding-left:15px; text-align: left;'>" . implode('<br/>', $validation_errors) . "</div>"; $error = Token::create_error_message(); Util::response_bad_request($error_msg); } $warning_msg = ''; //Validate IP/CIDR if ($ip_cidr != 'any' && $ip_cidr != '0.0.0.0/0') { if (Asset_host_ips::valid_ip($ip_cidr)) { //Agent IP/CIDR is an IP address $asset_ips = Asset_host_ips::get_ips_to_string($conn, $asset_id); if (preg_match('/' . $ip_cidr . '/', $asset_ips) == FALSE) { $warning_msg = _('The asset IP and IP/CIDR do not match'); } } else { //Agent IP/CIDR is an CIDR $ip_range = CIDR::expand_cidr($ip_cidr, 'SHORT', 'LONG'); $asset_ips_obj = new Asset_host_ips($asset_id); $asset_ips_obj->load_from_db($conn); $asset_ips = $asset_ips_obj->get_ips(); $valid_ip_range = FALSE; foreach ($asset_ips as $a_data) { $ip = Asset_host_ips::ip2ulong($a_data['ip']); if ($ip >= $ip_range[0] && $ip <= $ip_range[1]) { $valid_ip_range = TRUE; break;
$id = GET('id'); ossim_valid($id, OSS_HEX, 'illegal:' . _("Network ID")); ossim_valid($type, "network", "server", 'illegal:' . _("Asset Type")); if (ossim_error()) { $error_msg = "Error: " . ossim_get_error(); $error = true; ossim_clean_error(); } $type = $type == 'server' ? 1 : 4; $sql = "SELECT distinct HEX(h.id) as id, h.hostname, MAX(DATE(ac.timestamp)) as log\n\t\t\t\tFROM alienvault.host_types t, alienvault.host_net_reference hn, alienvault.host h \n\t\t\t\tLEFT JOIN alienvault_siem.ac_acid_event ac ON ac.src_host = h.id\n\t\t\t\tWHERE h.id=hn.host_id AND h.id=t.host_id AND t.type=? AND hn.net_id=UNHEX(?)\n\t\t\t\tGROUP BY h.id\n\t\t\t\t"; $params = array($type, $id); $asset_list = array(); if ($rs = $conn->Execute($sql, $params)) { while (!$rs->EOF) { try { $ips = Asset_host_ips::get_ips_to_string($conn, $rs->fields['id']); } catch (Exception $e) { $ips = ''; } $asset_list[] = array('id' => $rs->fields['id'], 'name' => $rs->fields["hostname"], 'ip' => $ips, 'log' => $rs->fields["log"]); $rs->MoveNext(); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo _("OSSIM Framework"); ?> </title>
function deploy_agents($conn, $wizard) { //Aux variable that is returned $data = array(); //If we have already initialized the deploy, we return true to check the status $started = $wizard->get_step_data('deploy_initialized'); if ($started === TRUE) { $response['error'] = FALSE; $response['data'] = $data; return $response; } //Retrieving the params $os = $wizard->get_step_data('deploy_os'); $username = $wizard->get_step_data('deploy_username'); $domain = $wizard->get_step_data('deploy_domain'); //Getting the array of hosts $hosts = $wizard->get_step_data('deploy_hosts'); $hosts = is_array($hosts) ? $hosts : array(); //Getting the password and decrypting $password = $wizard->get_step_data('deploy_password'); $password = Util::decrypt($password, Util::get_system_uuid()); $total_ip = 0; //Performing linux deployment --> Agentless if ($os == 'linux') { $sensor_id = get_sensor_id(); $deploy = 0; //Num of successful deployments --> Initially 0 //Arguments for the agentless entries $arguments = '/etc /usr/bin /usr/sbin /bin /sbin'; foreach ($hosts as $h) { $ips = Asset_host_ips::get_ips_to_string($conn, $h); $ips = explode(',', $ips); $hostname = Asset_host::get_name_by_id($conn, $h); foreach ($ips as $ip) { try { //Adding Aggentless Ossec_agentless::save_in_db($conn, $ip, $sensor_id, $hostname, $username, $password, '', FALSE, ''); //Adding Aggentless Entries Ossec_agentless::add_monitoring_entry($conn, $ip, $sensor_id, 'ssh_integrity_check_bsd', 3600, 'periodic', $arguments); Ossec_agentless::add_monitoring_entry($conn, $ip, $sensor_id, 'ssh_integrity_check_linux', 3600, 'periodic', $arguments); $deploy++; } catch (Exception $e) { Av_exception::write_log(Av_exception::USER_ERROR, $e->getMessage()); } $total_ip++; } } //Saving the number of the successful deployments $wizard->set_step_data('deploy_success', $deploy); } elseif ($os == 'windows') { $jobs = array(); foreach ($hosts as $h) { $ips = Asset_host_ips::get_ips_to_string($conn, $h); $ips = explode(',', $ips); foreach ($ips as $ip) { try { //Adding job to deploy ossec. $name = 'Windows-' . str_replace('.', '-', $ip); $job = Welcome_wizard::launch_ossec_deploy($name, $ip, $username, $domain, $password); $jid = md5($h . $ip); $jobs[$jid] = array('job_id' => $job['job_id'], 'agent' => $name . '(' . $ip . ')'); } catch (Exception $e) { Av_exception::write_log(Av_exception::USER_ERROR, $e->getMessage()); } $total_ip++; } } //Saving the jobs IDs in the wizard object $wizard->set_step_data('deploy_jobs', $jobs); } $total_ip = $total_ip > count($hosts) ? $total_ip : count($hosts); $data['total_ips'] = $total_ip; //Setting the total of ips. $wizard->set_step_data('deploy_total_ips', $total_ip); //Setting to true the flag that warns that the deploy has been already initialized. $wizard->set_step_data('deploy_initialized', TRUE); //Saving the wizard status $wizard->save_status(); $response['error'] = FALSE; $response['data'] = $data; return $response; }