$interval = "monthname(convert_tz(timestamp,'+00:00','{$tzc}')) as intervalo, year(convert_tz(timestamp,'+00:00','{$tzc}')) as suf"; $grpby = "GROUP BY intervalo,suf ORDER BY suf,intervalo"; } $sqlgraph = "SELECT {$counter}, {$interval} {$from} {$where} AND acid_event.plugin_id=PLUGINID AND acid_event.plugin_sid=PLUGINSID {$grpby}"; $_SESSION['_siem_current_query_graph'] = $sqlgraph; //echo $sql."<br>".$sqlgraph."<br>".$interval." ".$tr; if (file_exists('/tmp/debug_siem')) { file_put_contents("/tmp/siem", "STATS UNIQUE:{$sql}\n{$sqlalerts}\n{$sqlips}\n{$sqlgraph}\n", FILE_APPEND); } /* Run the Query again for the actual data (with the LIMIT) */ session_write_close(); $result = $qs->ExecuteOutputQuery($sql, $db); if ($result->baseRecordCount() == 0 && $use_ac) { $result = $qs->ExecuteOutputQuery($sql, $db); } $event_cnt = $qs->GetCalcRows($criteria_clauses[9], $result->baseRecordCount(), $db); $debug_time_mode >= 1 ? $et->Mark("Retrieve Query Data") : ''; // if ($debug_mode == 1) { // $qs->PrintCannedQueryList(); // $qs->DumpState(); // echo "$sql<BR>"; // } /* Print the current view number and # of rows */ $qs->PrintEstimatedResultCnt(); echo ' <script src="../js/jquery.flot.pie.js" language="javascript" type="text/javascript"></script> '; echo '<FORM METHOD="post" NAME="PacketForm" id="PacketForm" ACTION="base_stat_alerts.php">'; if ($qs->num_result_rows > 0) { $qro->PrintHeader(); }
$interval = "day(convert_tz(timestamp,'+00:00','{$tzc}')) as intervalo, monthname(convert_tz(timestamp,'+00:00','{$tzc}')) as suf"; $grpby = "GROUP BY intervalo,suf ORDER BY suf,intervalo"; break; default: $interval = "monthname(convert_tz(timestamp,'+00:00','{$tzc}')) as intervalo, year(convert_tz(timestamp,'+00:00','{$tzc}')) as suf"; $grpby = "GROUP BY intervalo,suf ORDER BY suf,intervalo"; } $sqlgraph = "SELECT count(acid_event.plugin_sid) as sig_cnt, {$interval} {$from1} {$where1} AND acid_event.plugin_id=PLUGINID AND acid_event.plugin_sid=PLUGINSID {$grpby}"; $_SESSION['siem_current_query_graph'] = $sqlgraph; //echo $sql."<br>".$sqlgraph."<br>".$interval." ".$tr; /* Run the Query again for the actual data (with the LIMIT) */ $result = $qs->ExecuteOutputQuery($sql, $db); if ($result->baseRecordCount() == 0 && $use_ac) { $result = $qs->ExecuteOutputQuery($sql2, $db); } $event_cnt = $qs->GetCalcRows($criteria_clauses[2], $result->baseRecordCount(), $db, "select count(*) from (SELECT cnt FROM ac_acid_event as acid_event WHERE 1=1 " . $criteria_clauses[2] . " GROUP BY plugin_id,plugin_sid) as cnt"); $debug_time_mode >= 1 ? $et->Mark("Retrieve Query Data") : ''; // if ($debug_mode == 1) { // $qs->PrintCannedQueryList(); // $qs->DumpState(); // echo "$sql<BR>"; // } /* Print the current view number and # of rows */ $qs->PrintEstimatedResultCnt(); echo ' <script src="../js/jquery.flot.pie.js" language="javascript" type="text/javascript"></script> '; echo '<FORM METHOD="post" NAME="PacketForm" id="PacketForm" ACTION="base_stat_alerts.php">'; if ($qs->num_result_rows > 0) { $qro->PrintHeader(); }