// Table rows and graph for the report section whose rows are shared under the
// "SS_AttackedHost" key. Excerpt of a larger routine: $c, $shared_file, $target,
// $num_hosts, $acid_link and the other free variables are set before this point.
$dDB["_shared"]->put("SS_AttackedHost" . $runorder, $list); // same rows, stored under a key suffixed with $runorder
$font_size = getFontSizeSIEM($list);
foreach ($list as $l) {
    // Row layout as consumed below: [0] IP, [1] count, [2] host id, [3] context ('' selects the default).
    $ip = $l[0];
    $occurrences = number_format($l[1], 0, ",", "."); // no decimals, "." as thousands separator
    $host_id = $l[2];
    $ctx = $l[3] != '' ? $l[3] : Session::get_default_ctx();
    $host_output = Asset_host::get_extended_name($security_report->ossim_conn, $geoloc, $ip, $ctx, $host_id);
    $os_pixmap = $host_id != "" ? Asset_host_properties::get_os_by_host($security_report->ossim_conn, $host_id) : "";
    // Without a host id the bare IP is shown instead of a name.
    $hostname = $host_id != "" ? $host_output['name'] : $ip;
    $icon = $host_output['html_icon'];
    // NOTE(review): $link is assembled here but not referenced again in this excerpt.
    $link = "{$acid_link}/" . $acid_prefix . "_stat_alerts.php?&" . "num_result_rows=-1&" . "submit=Query+DB&" . "current_view=-1&" . "ip_addr[0][1]={$target}&" . "ip_addr[0][2]==&" . "ip_addr[0][3]={$ip}&" . "ip_addr_cnt=1&" . "sort_order=time_d";
    $bc = $c++ % 2 != 0 ? "class='par'" : ""; // 'par' class on every second row
    // NOTE(review): $hostname, $icon and $os_pixmap are concatenated into the markup as
    // returned; no escaping call is visible in this excerpt. Confirm the asset helpers
    // return already-encoded output before it reaches the report.
    $htmlPdfReport->set(' <tr ' . $bc . '> <td style="width:55mm;font-size:' . $font_size . 'px">' . $icon . ' ' . Util::wordwrap($hostname, 21, " ", true) . ' ' . $os_pixmap . '</td> <td style="width:22mm;text-align:center;font-size:' . $font_size . 'px">' . $occurrences . '</td> </tr>');
}
$htmlPdfReport->set(' </table> </td> <td valign="top" style="padding-top:15px; width:98mm;">');
if ($report_graph_type == "applets") {
    jgraph_attack_graph($target, $num_hosts);
} else {
    // NOTE(review): shared, date_from and date_to are urlencode()d; target, hosts, type and
    // runorder are appended as-is. Confirm those four are validated before this point.
    $htmlPdfReport->set('<img src="' . $htmlPdfReport->newImage('/report/graphs/attack_graph.php?shared=' . urlencode($shared_file) . '&target=' . $target . '&hosts=' . $num_hosts . '&type=' . $report_type . '&date_from=' . urlencode($date_from) . '&date_to=' . urlencode($date_to) . '&runorder=' . $runorder, 'png') . '" />');
}
$htmlPdfReport->set(' </td> </tr>
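} else {
    // One table row per record of $rs. Excerpt: $rs, $htmlPdfReport, $db and $conn are
    // created before this point, and the closing braces at the end belong to blocks opened there.
    $i = 0;
    while (!$rs->EOF) {
        // cell_data either packs two inline (base64) images separated by "####", or it
        // holds the first image reference and dataV4 holds the second.
        if (preg_match('/base64/', $rs->fields['cell_data'])) {
            // Pad to two entries so $flags[1] is always defined, even when the
            // "####" separator is missing from the stored value.
            $flags = array_pad(explode("####", $rs->fields['cell_data'], 2), 2, '');
        } else {
            $flags = array($rs->fields['cell_data'], $rs->fields['dataV4']);
        }
        $td_style = 'font-size: 10px; text-align:center;';
        // NOTE(review): the dataV*/dataI* columns and the $flags values are concatenated
        // into the markup as stored (including inside src='...'); no escaping call is
        // visible in this excerpt. Confirm whatever fills this result set encodes them.
        $html_fields = "<td valign='middle' style='" . $td_style . " width:40mm; text-align: left;'>" . Util::wordwrap($rs->fields['dataV1'], 21, "<br/>", true);
        if (preg_match('/base64/', $flags[0])) {
            // The stored value is already an <img> tag: only inject the layout attributes.
            $html_fields .= preg_replace("/img src/", "img style='margin-left: 2mm;' align='absmiddle' align='center' src", $flags[0]);
        } elseif ($flags[0] != '') {
            $html_fields .= "<img border='0' style='margin-left: 2mm;' align='absmiddle' align='center' src='" . $flags[0] . "'/>";
        }
        $html_fields .= "</td>\n\r\n\t\t\t\t\t\t\t\t <td valign='middle' style='" . $td_style . " width:40mm; text-align: left;'>" . Util::wordwrap($rs->fields['dataV3'], 21, "<br/>", true);
        if (preg_match('/base64/', $flags[1])) {
            $html_fields .= preg_replace("/img src/", "img style='margin-left: 2mm;' align='absmiddle' align='center' src", $flags[1]);
        } elseif ($flags[1] != '') {
            $html_fields .= "<img border='0' style='margin-left: 2mm;' align='absmiddle' align='center' src='" . $flags[1] . "'/>";
        }
        $html_fields .= "</td>\n\r\n\t\t\t\t\t\t\t\t <td valign='middle' style='" . $td_style . " width:18mm;'>" . $rs->fields['dataV5'] . "</td>\n\r\n\t\t\t\t\t\t\t\t <td valign='middle' style='" . $td_style . " width:25mm;'>" . $rs->fields['dataI1'] . "</td>\n\r\n\t\t\t\t\t\t\t\t <td valign='middle' style='" . $td_style . " width:25mm;'>" . $rs->fields['dataI2'] . "</td>\n\r\n\t\t\t\t\t\t\t\t <td valign='middle' style='" . $td_style . " width:25mm;'>" . $rs->fields['dataI3'] . "</td>\n";
        $bc = $i++ % 2 != 0 ? "class='par'" : ""; // 'par' class on every second row
        $htmlPdfReport->set("<tr style='width: 193mm;' {$bc}>\n" . $html_fields . "</tr>\n");
        $rs->MoveNext();
    }
}
$htmlPdfReport->set("\n</table>\n");
}
$db->close($conn);
}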
<td style="' . $td_style . ' width: 27mm;" class="noborder"><strong>' . gettext("Destination ips") . ':</strong></td> <td style="' . $td_style . ' width: 26mm;" class="noborder">' . str_replace(",", "<br/>", $value['DestinationIps']) . '</td> <td style="' . $td_style . ' width: 20mm;" class="noborder"><strong>' . gettext("Priority") . ':</strong></td> <td style="' . $td_style . ' width: 20mm;" class="noborder">' . $value['Priority'] . '</td> </tr> <tr> <td style="' . $td_style . ' width: 27mm;" class="noborder"><strong>' . gettext("Source ports") . ':</strong></td> <td colspan="3" style="' . $td_style . ' width: 66mm;" class="noborder">' . $value['SourcePorts'] . '</td> </tr> <tr> <td style="' . $td_style . ' width: 27mm;"><strong>' . gettext("Destination ports") . ':</strong></td> <td colspan="3" style="' . $td_style . ' width: 66mm;" class="noborder">' . $value['DestinationPorts'] . '</td> </tr> <tr> <td style="' . $td_style . ' width: 27mm;"><strong>' . gettext("In charge") . ':</strong></td> <td colspan="3" style="' . $td_style . ' width: 66mm;" class="noborder">' . Util::wordwrap($value['InCharge'], 35, "<br/>", true) . '</td> </tr> </table> </td> ');
    // NOTE(review): the statement ending above interpolates $value['DestinationIps'],
    // ['Priority'], ['SourcePorts'] and ['DestinationPorts'] as stored, and ['InCharge']
    // through Util::wordwrap() only. No HTML-encoding call is visible in this excerpt;
    // confirm these fields are encoded where $list is built.

    // Cells are laid out two per table row: close the row after every odd-indexed cell.
    if ($c % 2 != 0) {
        $htmlPdfReport->set('</tr>');
    }
    $c++;
}
// An odd number of cells leaves the last row open: pad it with an empty cell.
if ($c % 2 != 0) {
    $htmlPdfReport->set(' <td></td> </tr>');
}
$htmlPdfReport->set('</table><br/><br/>');
// Event/risk table of the PDF report. Excerpt: $list and $htmlPdfReport come from the
// enclosing function, whose closing brace is the last line below.
if (count($list) == 0) {
    // Nothing to list: emit the placeholder table and leave the enclosing function.
    $htmlPdfReport->set(' <table class="w100" cellpadding="0" cellspacing="0"> <tr> <td class="w100" align="center" valign="top">' . _("No data available") . '</td> </tr> </table><br/><br/>');
    return;
}
$htmlPdfReport->set(' <table class="w100" cellpadding="0" cellspacing="0"> <tr> <td style="padding:15px 0px 0px 0px;width:100%" valign="top"> <table class="w100"> <tr>');
$htmlPdfReport->set('<th>' . _("Event") . '</th>');
$htmlPdfReport->set('<th class="center">' . gettext("Risk") . '</th></tr>');
$c = 0;
foreach ($list as $l) {
    // Row layout as consumed below: [0] event text, [1] risk value.
    $event = $l[0];
    $risk = $l[1];
    $bc = $c++ % 2 != 0 ? "class='par'" : ""; // 'par' class on every second row
    // The event text is filtered and HTML-encoded before it is wrapped, so the markup only
    // ever receives encoded text here.
    // NOTE(review): the wrap runs after encoding with the cut flag set; check that
    // Util::wordwrap() cannot split an entity such as "&amp;" in the middle.
    // echo_risk() is inserted as returned; presumably it produces markup, so confirm.
    $htmlPdfReport->set('<tr ' . $bc . '> <td style="text-align:left;width:68%">' . Util::wordwrap(Util::htmlentities(Util::signaturefilter($event)), 70, " ", true) . '</td> <td nowrap="nowrap" class="left" style="width:32%">' . echo_risk($risk, 1) . '</td></tr>');
}
$htmlPdfReport->set('</table> </td> </tr> </table><br/>');
}
// "SIEM Unique Plugins" table of the PDF report: run $query and print one row per record.
// Excerpt: $query, $params, $var_field and $htmlPdfReport are set before this point; the
// final closing brace belongs to the enclosing function.
$htmlPdfReport->set("\n<br/><br/>\n");
$db = new ossim_db();
$conn = $db->connect();
$conn->SetFetchMode(ADODB_FETCH_ASSOC); // rows are read by column name below
$rs = $conn->Execute($query, $params); // $params is passed separately from the SQL text
if (!$rs) {
    // Execute() returned a falsy value: show the placeholder instead of a table.
    $htmlPdfReport->set("<table class='w100' cellpadding='0' cellspacing='0'>\n <tr><td class='w100' align='center' valign='top'>" . _("No data available") . "</td></tr>\n </table>\n");
} else {
    // Plugins
    $htmlPdfReport->set("<table style='width: 193mm;' cellpadding='0' cellspacing='0'>\n <tr><th style='width: 193mm;' align='center'>" . _("SIEM Unique Plugins") . "</th></tr>\n </table><br/>\n");
    $htmlPdfReport->set("<table style='width: 193mm; margin:auto;' cellpadding='0' cellspacing='2'>");
    //Headers
    $th_style = 'font-size: 10px;';
    // NOTE(review): $var_field goes through gettext only; confirm it is one of a fixed set
    // of column labels rather than request data.
    $html_headers = "<th align='center' valign='middle' style='" . $th_style . " width:55mm;'>" . _("Data Source") . "</th>\n\n <th align='center' valign='middle' style='" . $th_style . " width:25mm;'>" . _("Events") . " #</th>\n\n <th align='center' valign='middle' style='" . $th_style . " width:50mm;'>" . _($var_field) . "</th>\n\n <th align='center' valign='middle' style='" . $th_style . " width:50mm;'>" . _("Product Type") . " #</th>\n";
    $htmlPdfReport->set("<tr>\n" . $html_headers . "</tr>\n");
    if ($rs->RecordCount() == 0) {
        $htmlPdfReport->set("<tr>\n <td colspan='4' style='text-align:center; padding: 15px 0px;' class='w100' valign='middle'>" . _("No plugins found for this search criteria") . "</td>\n </tr>\n");
    } else {
        $i = 0;
        while (!$rs->EOF) {
            $td_style = 'font-size: 10px; text-align:center;';
            // NOTE(review): dataV1 is only wrapped, and dataI1/dataV11/dataV2 are inserted
            // as stored. No escaping call is visible in this excerpt; confirm whatever
            // fills this result set encodes them.
            $html_fields = "<td valign='middle' style='" . $td_style . " width:55mm; text-align: left;'>" . Util::wordwrap($rs->fields['dataV1'], 48, "<br/>", true) . "</td>\n\n <td valign='middle' style='" . $td_style . " width:25mm;'>" . $rs->fields['dataI1'] . "</td>\n\n <td valign='middle' style='" . $td_style . " width:50mm;'>" . $rs->fields['dataV11'] . "</td>\n\n <td valign='middle' style='" . $td_style . " width:50mm;'>" . $rs->fields['dataV2'] . "</td>\n";
            $bc = $i++ % 2 != 0 ? "class='par'" : ""; // 'par' class on every second row
            $htmlPdfReport->set("<tr style='width: 193mm;' {$bc}>\n" . $html_fields . "</tr>\n");
            $rs->MoveNext();
        }
    }
    $htmlPdfReport->set("\n</table>\n");
}
$db->close($conn);
}
break; } $cell_data['CONTEXT'] = $context; $cell_align['CONTEXT'] = "center"; $cell_more['CONTEXT'] = "nowrap";*/
// (the line above is the tail of a block comment opened before this excerpt)

// 11- Protocol
//qroPrintEntry('<FONT>' . IPProto2str($current_proto) . '</FONT>');
$cell_data['IP_PROTO'] = IPProto2str($current_proto);
$cell_align['IP_PROTO'] = "center";

// X- ExtraData
// Each value is wrapped first and HTML-encoded afterwards, so the encoding is the last
// step before the text becomes cell content.
$cell_data['USERNAME'] = Util::htmlentities(Util::wordwrap($myrow['username'], 25, " ", true));
$cell_data['PASSWORD'] = Util::htmlentities(Util::wordwrap($myrow['password'], 25, " ", true));
$cell_data['FILENAME'] = Util::htmlentities(Util::wordwrap($myrow['filename'], 25, " ", true));
$cell_data['PAYLOAD'] = Util::htmlentities(Util::wordwrap($myrow['data_payload'], 25, " ", true));
for ($u = 1; $u < 10; $u++) {
    // NOTE(review): the condition tests $i, not the loop variable $u, so every userdata
    // column of a row takes the same branch. $i is defined outside this excerpt; confirm
    // this is intended.
    $cell_data['USERDATA' . $u] = $i < 9 ? Util::htmlentities(Util::wordwrap($myrow['userdata' . $u], 25, " ", true)) : Util::htmlentities($myrow['userdata' . $u]);
}

// IDM-Reputation Data
// All of these are HTML-encoded and, apart from the last one visible here, centered.
$cell_data['SRC_USERDOMAIN'] = Util::htmlentities($myrow['src_userdomain']);
$cell_align['SRC_USERDOMAIN'] = "center";
$cell_data['DST_USERDOMAIN'] = Util::htmlentities($myrow['dst_userdomain']);
$cell_align['DST_USERDOMAIN'] = "center";
$cell_data['SRC_HOSTNAME'] = Util::htmlentities($myrow['src_hostname']);
$cell_align['SRC_HOSTNAME'] = "center";
$cell_data['DST_HOSTNAME'] = Util::htmlentities($myrow['dst_hostname']);
$cell_align['DST_HOSTNAME'] = "center";
$cell_data['SRC_MAC'] = Util::htmlentities($myrow['src_mac']);
$cell_align['SRC_MAC'] = "center";
$cell_data['DST_MAC'] = Util::htmlentities($myrow['dst_mac']);
$cell_align['DST_MAC'] = "center";
$cell_data['REP_PRIO_SRC'] = Util::htmlentities($myrow['REP_PRIO_SRC']);
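// "SIEM Unique Events" table of the PDF report: title, then one row per record of $query.
// Excerpt: $title, $date_from, $date_to, $query, $params and $htmlPdfReport are set before
// this point; the final closing brace belongs to the enclosing function.
$htmlPdfReport->set($htmlPdfReport->newTitle($title, $date_from, $date_to, null));
$htmlPdfReport->set("\n<br/><br/>\n");
$db = new ossim_db();
$conn = $db->connect();
$conn->SetFetchMode(ADODB_FETCH_ASSOC); // rows are read by column name below
// $params is passed separately from the SQL text.
if (!($rs =& $conn->Execute($query, $params))) {
    // Execute() returned a falsy value: show the placeholder instead of a table.
    $htmlPdfReport->set("<table class='w100' cellpadding='0' cellspacing='0'>\r\n <tr><td class='w100' align='center' valign='top'>" . _("No data available") . "</td></tr>\r\n </table>\n");
} else {
    // Unique Events
    $htmlPdfReport->set("<table style='width: 193mm;' cellpadding='0' cellspacing='0'>\r\n <tr><th style='width: 193mm;' align='center'>" . _("SIEM Unique Events") . "</th></tr>\r\n </table><br/>\n");
    $htmlPdfReport->set("<table style='width: 193mm; margin:auto;' cellpadding='0' cellspacing='2'>");
    //Headers
    $th_style = 'font-size: 10px;';
    $html_headers = "<th align='center' valign='middle' style='" . $th_style . " width:90mm;'>" . _("Signature") . "</th>\n\r\n <th align='center' valign='middle' style='" . $th_style . " width:40mm;'>" . _("Total") . " #</th>\n\r\n <th align='center' valign='middle' style='" . $th_style . " width:25mm;'>" . _("Unique Src") . " #</th>\n\r\n\t\t\t\t\t\t <th align='center' valign='middle' style='" . $th_style . " width:25mm;'>" . _("Unique Dst") . " #</th>\n";
    $htmlPdfReport->set("<tr>\n" . $html_headers . "</tr>\n");
    if ($rs->RecordCount() == 0) {
        // NOTE(review): colspan is 5 while the header row above has four cells.
        $htmlPdfReport->set("<tr>\r\n\t\t\t\t\t\t\t\t\t<td colspan='5' style='text-align:center; padding: 15px 0px;' class='w100' valign='middle'>" . _("No unique events found for this search criteria") . "</td>\r\n\t\t\t\t\t\t\t\t</tr>\n");
    } else {
        $i = 0;
        while (!$rs->EOF) {
            $td_style = 'font-size: 10px; text-align:center;';
            // The signature cell overrides the centered default with a valid
            // "text-align: left" declaration.
            // NOTE(review): dataV1 is only wrapped, and dataV2/dataI2/dataI3 are inserted
            // as stored. No escaping call is visible in this excerpt; confirm whatever
            // fills this result set encodes them.
            $html_fields = "<td valign='middle' style='" . $td_style . " width:90mm; text-align: left;'>" . Util::wordwrap($rs->fields['dataV1'], 55, "<br/>", true) . "</td>\n\r\n\t\t\t\t\t\t\t\t<td valign='middle' style='" . $td_style . " width:40mm;'>" . $rs->fields['dataV2'] . "</td>\n\r\n\t\t\t\t\t\t\t\t<td valign='middle' style='" . $td_style . " width:25mm;'>" . $rs->fields['dataI2'] . "</td>\n\r\n\t\t\t\t\t\t\t\t<td valign='middle' style='" . $td_style . " width:25mm;'>" . $rs->fields['dataI3'] . "</td>\n";
            $bc = $i++ % 2 != 0 ? "class='par'" : ""; // 'par' class on every second row
            $htmlPdfReport->set("<tr style='width: 193mm;' {$bc}>\n" . $html_fields . "</tr>\n");
            $rs->MoveNext();
        }
    }
    $htmlPdfReport->set("\n</table>\n");
}
$db->close($conn);
}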
<th>' . _("Service") . '</th> <th class="center">' . _("Occurrences") . '</th> </tr>');
// Rows and graph for the report section whose rows are shared under the "SS_UsedPorts" key.
// Excerpt: the statement above starts, and the last statement below ends, outside this
// excerpt.
$c = 0;
$shared_file = $dDB["_shared"]->dbfile();
$dDB["_shared"]->put("SS_UsedPorts" . $runorder, $list); // same rows, stored under a key suffixed with $runorder
$font_size = getFontSizeSIEM($list);
foreach ($list as $l) {
    // Row layout as consumed below: [0] port, [1] service name, [2] occurrence count.
    $port = $l[0];
    $service = $l[1];
    $occurrences = number_format($l[2], 0, ",", "."); // no decimals, "." as thousands separator
    $bc = $c++ % 2 != 0 ? "class='par'" : ""; // 'par' class on every second row
    // NOTE(review): $port is inserted as stored and $service is only wrapped; no escaping
    // call is visible in this excerpt. Confirm both are encoded where $list is built.
    $htmlPdfReport->set(' <tr ' . $bc . '> <td style="width:12mm;font-size:' . $font_size . 'px">' . $port . '</td> <td style="width:38mm;font-size:' . $font_size . 'px">' . Util::wordwrap($service, 21, " ", true) . '</td> <td style="width:22mm;text-align:center;font-size:' . $font_size . 'px">' . $occurrences . '</td> </tr>');
}
$htmlPdfReport->set(' </table> </td> <td valign="top" style="padding-top:15px; width:98mm;">');
if ($report_graph_type == "applets") {
    jgraph_ports_graph();
} else {
    // NOTE(review): shared, date_from and date_to are urlencode()d; ports, type and runorder
    // are appended as-is. Confirm those three are validated before this point.
    $htmlPdfReport->set('<img src="' . $htmlPdfReport->newImage('/report/graphs/ports_graph.php?shared=' . urlencode($shared_file) . '&ports=' . $NUM_HOSTS . '&type=' . $report_type . '&date_from=' . urlencode($date_from) . '&date_to=' . urlencode($date_to) . '&runorder=' . $runorder, 'png') . '" />');
}
$htmlPdfReport->set(' </td>
} else {
    // Unique Addresses
    // Source/destination address table of the PDF report; $type == 1 selects the source
    // wording, anything else the destination wording. Excerpt: $rs, $type, $var_field,
    // $db and $conn are set before this point.
    $r_title = $type == 1 ? _("Source Addresses Report") : _("Destination Addresses Report");
    $htmlPdfReport->set("<table style='width: 193mm;' cellpadding='0' cellspacing='0'>\r\n <tr><th style='width: 193mm;' align='center'>" . $r_title . "</th></tr>\r\n </table><br/>\n");
    $htmlPdfReport->set("<table style='width: 193mm; margin:auto;' cellpadding='0' cellspacing='2'>");
    //Headers
    $th_style = 'font-size: 10px;';
    // NOTE(review): $var_field goes through gettext only; confirm it is one of a fixed set
    // of column labels rather than request data.
    $html_headers = "<th align='center' valign='middle' style='" . $th_style . " width:58mm;'>" . ($type == 1 ? _("Src IP address") : _("Dst IP address")) . "</th>\n\r\n <th align='center' valign='middle' style='" . $th_style . " width:50mm;'>" . _($var_field) . "</th>\n\r\n <th align='center' valign='middle' style='" . $th_style . " width:15mm;'>" . _("Total") . " #</th>\n\r\n <th align='center' valign='middle' style='" . $th_style . " width:22mm;'>" . _("Unique Events") . " #</th>\n\r\n <th align='center' valign='middle' style='" . $th_style . " width:32mm;'>" . ($type == 1 ? _("Unique Src. Contacted") : _("Unique Dst. Contacted")) . " #</th>\n";
    $htmlPdfReport->set("<tr>\n" . $html_headers . "</tr>\n");
    if ($rs->RecordCount() == 0) {
        $htmlPdfReport->set("<tr>\r\n\t\t\t\t\t\t\t\t\t<td colspan='5' style='text-align:center; padding: 15px 0px;' class='w100' valign='middle'>" . _("No addresses found for this search criteria") . "</td>\r\n\t\t\t\t\t\t\t\t</tr>\n");
    } else {
        $i = 0;
        while (!$rs->EOF) {
            $td_style = 'font-size: 10px; text-align:center;';
            $html_fields = "<td valign='middle' style='" . $td_style . " width:58mm; text-align: left;'>" . Util::wordwrap($rs->fields['dataV1'], 40, "<br/>", true);
            // cell_data is either a ready-made <img> tag carrying inline base64 data, or a
            // bare image reference that is wrapped in an <img> here.
            // NOTE(review): in both branches the stored value lands in the markup unchanged,
            // in the second one inside src='...'. A single quote in the value would end the
            // attribute; confirm the value is generated by the application, not by event data.
            if (preg_match('/base64/', $rs->fields['cell_data'])) {
                $html_fields .= preg_replace("/img src/", "img style='margin-left: 2mm;' align='absmiddle' align='center' src", $rs->fields['cell_data']);
            } elseif ($rs->fields['cell_data'] != '') {
                $html_fields .= "<img border='0' style='margin-left: 2mm;' align='absmiddle' align='center' src='" . $rs->fields['cell_data'] . "'/>";
            }
            // NOTE(review): dataV11, dataI3, dataV3 and dataV4 are inserted as stored; no
            // escaping call is visible in this excerpt.
            $html_fields .= "</td>\n\r\n\t\t\t\t\t\t\t\t <td valign='middle' style='" . $td_style . " width:50mm;'>" . $rs->fields['dataV11'] . "</td>\n\r\n\t\t\t\t\t\t\t\t <td valign='middle' style='" . $td_style . " width:15mm;'>" . $rs->fields['dataI3'] . "</td>\n\r\n\t\t\t\t\t\t\t\t <td valign='middle' style='" . $td_style . " width:22mm;'>" . $rs->fields['dataV3'] . "</td>\n\r\n\t\t\t\t\t\t\t\t <td valign='middle' style='" . $td_style . " width:32mm;'>" . $rs->fields['dataV4'] . "</td>\n";
            $bc = $i++ % 2 != 0 ? "class='par'" : ""; // 'par' class on every second row
            $htmlPdfReport->set("<tr style='width: 193mm;' {$bc}>\n" . $html_fields . "</tr>\n");
            $rs->MoveNext();
        }
    }
    $htmlPdfReport->set("\n</table>\n");
}
$db->close($conn);
}
// "Events Trend" graph followed by the "SIEM Events" table of the PDF report.
// Excerpt: $dDB, $data_plot, $html_headers, $rs and $db are set before this point, and
// the closing braces at the end belong to blocks opened there.
$shared_file = $dDB["_shared"]->dbfile();
$dDB["_shared"]->put("data", $data_plot); // plot series for the graph script, read back via ?shared=
//Events Trends
$htmlPdfReport->set("<table class='w100' cellpadding='0' cellspacing='0'>\n <tr><th class='w100' align='center'>" . _("Events Trend") . "</th></tr>\n <tr><td class='w100'>");
$htmlPdfReport->set('<img src="' . $htmlPdfReport->newImage('report/os_reports/Forensics/graph_lines.php?shared=' . urlencode($shared_file), 'png') . '" />');
$htmlPdfReport->set(" </td></tr>\n </table><br/><br/>\n");
//Events
$htmlPdfReport->set("<table style='width: 193mm;' cellpadding='0' cellspacing='0'>\n <tr><th style='width: 193mm;' align='center'>" . _("SIEM Events") . "</th></tr>\n </table><br/>\n");
$htmlPdfReport->set("<table style='width: 193mm; margin:auto;' cellpadding='0' cellspacing='2'>");
$htmlPdfReport->set("<tr>\n" . $html_headers . "</tr>\n");
$i = 0;
while (!$rs->EOF) {
    $td_style = 'font-size: 10px; text-align:center;';
    // NOTE(review): dataV1/dataV3/dataV5 are only wrapped and dataV2/dataV11 are inserted as
    // stored; no escaping call is visible in this excerpt. Confirm whatever fills this
    // result set encodes them.
    $html_fields = "<td valign='middle' style='" . $td_style . " width:42mm; text-align: left;'>" . Util::wordwrap($rs->fields['dataV1'], 20, "<br/>", true) . "</td>\n\n <td valign='middle' style='" . $td_style . " width:14mm;'>" . $rs->fields['dataV2'] . "</td>\n\n <td valign='middle' style='" . $td_style . " width:35mm;'>" . $rs->fields['dataV11'] . "</td>\n\n <td valign='middle' style='" . $td_style . " width:10mm;'>" . ($rs->fields['dataI1'] > 0 ? _("Yes") : _("N/A")) . "</td>\n\n <td valign='middle' style='" . $td_style . " width:30mm;'>" . Util::wordwrap($rs->fields['dataV3'], 21, "<br/>", true);
    // NOTE(review): dataV4, dataV6 and dataV10 become the src of an <img> that the PDF
    // generator will load. Confirm they can only hold application-generated image paths;
    // a stored value from elsewhere would decide what the renderer fetches.
    if ($rs->fields['dataV4'] != '') {
        $html_fields .= "<br/><img border='0' align='absmiddle' align='center' src='" . $rs->fields['dataV4'] . "'/>";
    }
    $html_fields .= "</td>\n\n <td valign='middle' style='" . $td_style . " width:30mm;'>" . Util::wordwrap($rs->fields['dataV5'], 21, "<br/>", true);
    if ($rs->fields['dataV6'] != '') {
        $html_fields .= "<br/><img border='0' align='absmiddle' align='center' src='" . $rs->fields['dataV6'] . "'/>";
    }
    // Unlike dataV4/dataV6, the dataV10 image is emitted without an emptiness check.
    $html_fields .= "</td>\n\n\n <td valign='middle' style='" . $td_style . " width:12mm;'>\n <img border='0' style='width:12mm;' align='absmiddle' align='center' src='" . $rs->fields['dataV10'] . "'/>\n </td>\n";
    $bc = $i++ % 2 != 0 ? "class='par'" : ""; // 'par' class on every second row
    $htmlPdfReport->set("<tr style='width: 193mm;' {$bc}>\n" . $html_fields . "</tr>\n");
    $rs->MoveNext();
}
$htmlPdfReport->set("\n</table>\n");
}
// close() is called without a connection argument here.
$db->close();
}
}
// Ticket summary grid of the PDF report: one small table per ticket, two tickets per row.
// Excerpt: $list, $c and $htmlPdfReport are set before this point; the final "if" is
// continued outside it.
$htmlPdfReport->set('<table class="w100">');
foreach ($list as $key => $value) {
    // Even positions open a new row, odd positions close it (see below).
    if ($c % 2 == 0) {
        $htmlPdfReport->set('<tr>');
    }
    // Status icon: 'Closed' gets the closed icon, every other status the open one.
    $imgStatus = $value['Status'] == 'Closed' ? '<img src="Tickets/closed.png" width="16" height="16" align="top"/>' : '<img src="Tickets/open.png" width="16" height="16" align="top" />';
    $padding = $c % 2 != 0 ? 'padding-left:3px' : "";
    // NOTE(review): $value['Title'] and ['InCharge'] are only wrapped, and ['Status'] and
    // ['Priority'] are inserted as stored. Ticket titles are presumably free text entered by
    // users; no HTML-encoding call is visible in this excerpt, so confirm they are encoded
    // where $list is built.
    $htmlPdfReport->set(' <td style="width:94mm;" valign="top"> <table style="' . $padding . '"> <tr> <th colspan="4" style="width:90mm;text-align:center">' . Util::wordwrap($value['Title'], 80, "<br/>", true) . '</th> </tr> <tr> <td style="text-align:left" class="noborder"><strong>' . _("In charge") . ':</strong></td> <td colspan="3" style="text-align:left" class="noborder">' . Util::wordwrap($value['InCharge'], 35, "<br/>", true) . '</td> </tr> <tr> <td style="text-align:left" class="noborder"><strong>' . _("Status") . ':</strong></td> <td style="text-align:left" class="noborder">' . $imgStatus . ' ' . $value['Status'] . '</td> <td style="text-align:left" class="noborder"><strong>' . _("Priority") . ':</strong></td> <td style="text-align:left" class="noborder">' . $value['Priority'] . '</td> </tr> </table> </td>');
    if ($c % 2 != 0) {
        $htmlPdfReport->set('</tr>');
    }
    $c++;
}
if ($c % 2 != 0) {
// Builds the source/destination cells and the first columns of one alarm row ($_res).
// Excerpt: $src_output, $src_ip, $src_name, $dst_name, the ports, $homelan_src, $alarm,
// $alarm_ik and $alarm_sc are set before this point.
$src_img = preg_replace("/scriptinfo/", '', $src_output['html_icon']); // Clean icon hover tiptip
// Dst icon and bold
$dst_output = Asset_host::get_extended_name($conn, $geoloc, $dst_ip, $ctx_dst, $event_info["dst_host"], $event_info["dst_net"]);
$homelan_dst = $dst_output['is_internal'];
$dst_img = preg_replace("/scriptinfo/", '', $dst_output['html_icon']); // Clean icon hover tiptip
//host report menu:
// "ip;name;host id" triple, used below as the id attribute of the cell wrapper.
$src_hrm = "{$src_ip};{$src_name};" . $event_info['src_host'];
$dst_hrm = "{$dst_ip};{$dst_name};" . $event_info['dst_host'];
//Port Check
$src_name .= $src_port ? ':' . $src_port : '';
$dst_name .= $dst_port ? ':' . $dst_port : '';
//Wrapping Text
$src_name = Util::wordwrap($src_name, 30, '<br/>');
$dst_name = Util::wordwrap($dst_name, 30, '<br/>');
//Homeland Check
// Names of hosts flagged as internal are shown in bold.
$src_name = $homelan_src ? " <strong>{$src_name}</strong>" : " {$src_name}";
$dst_name = $homelan_dst ? " <strong>{$dst_name}</strong>" : " {$dst_name}";
$alarm_otx = $alarm->get_otx_icon();
// COLUMNS
$_res = array();
$_res['DT_RowId'] = $alarm->get_backlog_id();
$_res[] = $alarm->get_timestamp();
$_res[] = $alarm->get_status();
$_res[] = $alarm_ik;
$_res[] = $alarm_sc;
$_res[] = $alarm->get_risk();
$_res[] = $alarm_otx;
// NOTE(review): $src_hrm/$dst_hrm carry the host name into a single-quoted id attribute,
// and the names are also used as cell content after wrapping only. No encoding call is
// visible in this excerpt; confirm $src_name/$dst_name are already HTML-encoded when they
// arrive here, because a quote or angle bracket in a host name would otherwise alter the
// markup.
$_res[] = "<div class='HostReportMenu' id='{$src_hrm}'>" . $src_img . $src_name . "</div>";
$_res[] = "<div class='HostReportMenu' id='{$dst_hrm}'>" . $dst_img . $dst_name . "</div>";
// Per-sensor table of the PDF report: one row per record of $query.
// Excerpt: $conn, $db, $query, $params and $htmlPdfReport are set before this point; the
// final closing brace belongs to the enclosing function.
$conn->SetFetchMode(ADODB_FETCH_ASSOC); // rows are read by column name below
// $params is passed separately from the SQL text.
if (!($rs =& $conn->Execute($query, $params))) {
    // Execute() returned a falsy value: show the placeholder instead of a table.
    $htmlPdfReport->set("<table class='w100' cellpadding='0' cellspacing='0'>\r\n <tr><td class='w100' align='center' valign='top'>" . _("No data available") . "</td></tr>\r\n </table>\n");
} else {
    // Sensors
    // NOTE(review): the heading reads "SIEM Unique Events" although the columns and the
    // empty-result message are about sensors; looks copied from the unique-events report,
    // so confirm the intended title.
    $htmlPdfReport->set("<table style='width: 193mm;' cellpadding='0' cellspacing='0'>\r\n <tr><th style='width: 193mm;' align='center'>" . _("SIEM Unique Events") . "</th></tr>\r\n </table><br/>\n");
    $htmlPdfReport->set("<table style='width: 193mm; margin:auto;' cellpadding='0' cellspacing='2'>");
    //Headers
    $th_style = 'font-size: 10px;';
    $html_headers = "<th align='center' valign='middle' style='" . $th_style . " width:30mm;'>" . _("Sensor") . "</th>\n\r\n\t\t\t\t\t\t <th align='center' valign='middle' style='" . $th_style . " width:63mm;'>" . _("Name") . "</th>\n\r\n\t\t\t\t\t <th align='center' valign='middle' style='" . $th_style . " width:20mm;'>" . _("Total events") . " #</th>\n\r\n <th align='center' valign='middle' style='" . $th_style . " width:24mm;'>" . _("Unique events") . " #</th>\n\r\n\t\t\t\t\t\t <th align='center' valign='middle' style='" . $th_style . " width:18mm;'>" . _("Unique Src") . " #</th>\n\r\n\t\t\t\t\t\t <th align='center' valign='middle' style='" . $th_style . " width:18mm;'>" . _("Unique Dst") . " #</th>\n";
    $htmlPdfReport->set("<tr>\n" . $html_headers . "</tr>\n");
    if ($rs->RecordCount() == 0) {
        $htmlPdfReport->set("<tr>\r\n\t\t\t\t\t\t\t\t\t<td colspan='6' style='text-align:center; padding: 15px 0px;' class='w100' valign='middle'>" . _("No sensors found for this search criteria") . "</td>\r\n\t\t\t\t\t\t\t\t</tr>\n");
    } else {
        $i = 0;
        while (!$rs->EOF) {
            $td_style = 'font-size: 10px; text-align:center;';
            // NOTE(review): dataV7 is inserted as stored and dataV1 is only wrapped; no
            // escaping call is visible in this excerpt. Confirm whatever fills this
            // result set encodes them.
            $html_fields = "<td valign='middle' style='" . $td_style . " width:30mm; text-align: left;'>" . $rs->fields['dataV7'] . "</td>\n\r\n\t\t\t\t\t\t\t\t<td valign='middle' style='" . $td_style . " width:63mm; text-align: left;'>" . Util::wordwrap($rs->fields['dataV1'], 50, "<br/>", true);
            // dataV2, when set, is used as the src of an image shown under the name.
            // NOTE(review): confirm it can only hold an application-generated image path.
            if ($rs->fields['dataV2'] != '') {
                $html_fields .= "<br/><img border='0' style='margin-left: 2mm;' align='absmiddle' align='center' src='" . $rs->fields['dataV2'] . "'/>";
            }
            $html_fields .= "</td>\n\r\n\t\t\t\t\t\t\t\t<td valign='middle' style='" . $td_style . " width:20mm;'>" . $rs->fields['dataI2'] . "</td>\n\r\n\t\t\t\t\t\t\t\t<td valign='middle' style='" . $td_style . " width:24mm;'>" . $rs->fields['dataI3'] . "</td>\n\r\n\t\t\t\t\t\t\t\t<td valign='middle' style='" . $td_style . " width:18mm;'>" . $rs->fields['dataV3'] . "</td>\n\r\n\t\t\t\t\t\t\t\t<td valign='middle' style='" . $td_style . " width:18mm;'>" . $rs->fields['dataV4'] . "</td>\n";
            $bc = $i++ % 2 != 0 ? "class='par'" : ""; // 'par' class on every second row
            $htmlPdfReport->set("<tr style='width: 193mm;' {$bc}>\n" . $html_fields . "</tr>\n");
            $rs->MoveNext();
        }
    }
    $htmlPdfReport->set("\n</table>\n");
}
$db->close($conn);
}
// Label cache: asset id => "name (ip list)", so each host object is fetched only once.
$assets_with_software = array();

// Rows of the DataTables payload, one per (software, asset) pair.
$data = array();

foreach ($sw_list as $cpe => $sw_data) {
    foreach ($sw_data as $_asset_id => $sw_values) {
        // Resolve the host label the first time this asset shows up, then reuse it.
        if (!array_key_exists($_asset_id, $assets_with_software)) {
            $_host = Asset_host::get_object($conn, $_asset_id);
            $assets_with_software[$_asset_id] = $_host->get_name() . ' (' . $_host->get_ips()->get_ips('string') . ')';
        }
        $ips_to_show = $assets_with_software[$_asset_id];

        // The raw banner travels in the row metadata; the displayed name falls back to the
        // wrapped CPE string when the banner is empty.
        // NOTE(review): the banner is returned as stored. The '<br/>' in the fallback
        // suggests the client renders this column as HTML; confirm the banner is
        // HTML-encoded somewhere before display.
        $dt_sw_name = $sw_values['banner'];
        $sw_name = empty($dt_sw_name) ? Util::wordwrap($sw_values['cpe'], 80, '<br/>') : $dt_sw_name;

        $row_meta = array(
            'p_id' => 60,
            'sw_cpe' => $sw_values['cpe'],
            'sw_name' => $dt_sw_name,
            'source_id' => $sw_values['source']['id'],
        );

        // Row id: lower-cased "<asset id>_<md5 of the CPE>". The positional entries are the
        // visible columns, with empty first and last cells.
        $data[] = array(
            "DT_RowId" => strtolower($_asset_id . '_' . md5($cpe)),
            "DT_RowData" => $row_meta,
            "",
            $ips_to_show,
            $sw_name,
            $sw_values['date'],
            $sw_values['source']['name'],
            "",
        );
    }
}

// DataTables envelope: echo counter plus total and filtered counts (both $sw_total).
$response['sEcho'] = $sec;
$response['iTotalRecords'] = $sw_total;
$response['iTotalDisplayRecords'] = $sw_total;
$response['aaData'] = $data;

echo json_encode($response);

$db->close();

/* End of file dt_software.php */
/* Location: /av_asset/common/providers/dt_software.php */
$font_size = 12;
} else {
    // Smaller type for longer lists: 10px up to 30 rows, 8px above that. The branch that
    // selects 12px starts outside this excerpt.
    if (count($list) <= 30) {
        $font_size = 10;
    } else {
        $font_size = 8;
    }
}
foreach ($list as $l) {
    // Row layout as consumed below: [0] event text, [1] occurrence count.
    $event = $l[0];
    $occurrences = number_format($l[1], 0, ',', '.'); // no decimals, "." as thousands separator
    // NOTE(review): $link is assigned on every iteration but not referenced again in this excerpt.
    $link = "{$ossim_link}/alarm/alarm_console.php";
    $bc = $c++ % 2 != 0 ? "class='par'" : ''; // 'par' class on every second row
    // The event text is filtered and HTML-encoded before it is wrapped, so the markup only
    // ever receives encoded text here.
    $htmlPdfReport->set(' <tr ' . $bc . '> <td style="text-align:left;width:60mm;font-size:' . $font_size . 'px">' . Util::wordwrap(Util::htmlentities(Util::signaturefilter($event)), 30, ' ', TRUE) . '</td> <td style="text-align:center;width:22mm;font-size:' . $font_size . 'px">' . $occurrences . '</td> </tr>');
}
$htmlPdfReport->set(' </table> </td> <td valign="top" style="text-align:center;padding-top:15px;">');
if ($report_graph_type == 'applets') {
    jgraph_nbevents_graph();
} else {
    // NOTE(review): shared, date_from and date_to are urlencode()d; hosts, type and runorder
    // are appended as-is. Confirm those three are validated before this point.
    $htmlPdfReport->set('<img src="' . $htmlPdfReport->newImage('/report/graphs/events_received_graph.php?shared=' . urlencode($shared_file) . '&hosts=' . $num_hosts . '&type=' . $report_type . '&date_from=' . urlencode($date_from) . '&date_to=' . urlencode($date_to) . '&runorder=' . $runorder, 'png') . '" />');
}
$htmlPdfReport->set(' </td> </tr>
<th>' . _("Last value") . '</th> <th>' . _("New value") . '</th> </TR> <TR> <TD>' . Util::htmlentities($userdata1) . '</TD> <TD>' . Util::htmlentities($userdata2) . '</TD> </TR> </TABLE>';
} else {
    // Generic rendering: a header row built from the keys of $extradata1, a value row
    // below it, and the same pair of rows for $extradata2 when it is not empty.
    echo '<br/><TABLE class="table_list"><TR>';
    foreach ($extradata1 as $k => $v) {
        // NOTE(review): keys are passed through gettext only, while the values below are
        // HTML-encoded. Confirm the keys are fixed labels and not taken from event data.
        echo '<th>' . _($k) . '</th>';
    }
    echo '</TR><TR>';
    foreach ($extradata1 as $k => $v) {
        // Values are wrapped at 30 characters and then HTML-encoded.
        echo '<TD>' . Util::htmlentities(Util::wordwrap($v, 30, ' ', TRUE)) . '</TD>';
    }
    echo '</TR>';
    if (!empty($extradata2)) {
        echo '<TR>';
        foreach ($extradata2 as $k => $v) {
            echo '<th>' . _($k) . '</th>'; // same remark about unencoded keys as above
        }
        echo '</TR><TR>';
        foreach ($extradata2 as $k => $v) {
            // HTML-encoded, without the wrapping applied to the first value row.
            echo '<TD>' . Util::htmlentities($v) . '</TD>';
        }
        echo '</TR>';
    }
    echo '</TABLE>';
}
$order = 'banner';
}
// Property filter
// SQL fragments handed to Asset_host_software::bulk_get_list(): only application CPEs
// ("cpe:/a..."), paged and ordered by the DataTables request.
// NOTE(review): $from, $maxrows, $order and $torder are interpolated into the LIMIT and
// ORDER BY fragments. Their validation happens before this excerpt; confirm the first two
// are integers and the last two come from fixed lists (column names, ASC/DESC).
$filters = array('where' => "`cpe` LIKE 'cpe:/a%'", 'limit' => "{$from}, {$maxrows}", 'order_by' => "{$order} {$torder}");
if ($search_str != '') {
    // The search term is escaped before being placed inside the quoted LIKE patterns.
    // NOTE(review): presumably escape_sql() does not neutralise the LIKE wildcards % and _,
    // so they would keep their pattern meaning inside the search term; verify whether that
    // is acceptable.
    $search_str = escape_sql($search_str, $conn);
    $filters['where'] .= ' AND (banner LIKE "%' . $search_str . '%" OR cpe LIKE "%' . $search_str . '%")';
}
// Software data
$data = array();
$sw_list = array();
$sw_total = 0;
list($sw_list, $sw_total) = Asset_host_software::bulk_get_list($conn, $filters);
foreach ($sw_list as $sw_cpe => $sw_values) {
    $r_key = strtolower(md5($sw_cpe)); // row id: md5 of the CPE string
    $sw_name = $sw_values['banner'];
    $dt_sw_name = $sw_name; // raw banner, kept for the row metadata
    // Fall back to the wrapped CPE string when the banner is empty.
    if (empty($sw_name)) {
        $sw_name = Util::wordwrap($sw_cpe, 80, '<br/>');
    }
    // NOTE(review): the banner is returned as stored. The '<br/>' in the fallback suggests
    // the client renders this column as HTML; confirm the banner is HTML-encoded somewhere
    // before display.
    $_sw_data = array("DT_RowId" => $r_key, "DT_RowData" => array('p_id' => 60, 'sw_cpe' => $sw_cpe, 'sw_name' => $dt_sw_name, 'source_id' => $sw_values['source']['id']), "", $sw_name, $sw_values['source']['name'], "");
    $data[] = $_sw_data;
}
// DataTables envelope: echo counter plus total and filtered counts (both $sw_total).
$response['sEcho'] = $sec;
$response['iTotalRecords'] = $sw_total;
$response['iTotalDisplayRecords'] = $sw_total;
$response['aaData'] = $data;
echo json_encode($response);
$db->close();
/* End of file bk_dt_software.php */
/* Location: /av_asset/common/providers/bk_dt_software.php */
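// 11- Protocol
$cell_data['IP_PROTO'] = $current_p_name;
$cell_align['IP_PROTO'] = "center";

// X- ExtraData
// Payload and userdataX with ellipsis truncate.
// Username, password and filename are always short. Use the same code if it becomes necessary someday...
// For each field three variants are produced: $cell_data (HTML cell), $cell_pdfdata
// (encoded text, 'Empty' when blank) and $cell_tooltip (value wrapped with <br/>).
$cell_data['USERNAME'] = Util::htmlentities($myrow['username']);
$cell_data['PASSWORD'] = Util::htmlentities($myrow['password']);
$cell_data['FILENAME'] = Util::htmlentities($myrow['filename']);
// The wrapper is closed with a complete </div> tag, matching the USERDATA cells below.
$cell_data['PAYLOAD'] = $myrow['data_payload'] != '' ? '<div class="siem_ellipsis">' . Util::htmlentities($myrow['data_payload']) . '</div>' : '';
$cell_pdfdata['PAYLOAD'] = $myrow['data_payload'] != '' ? Util::htmlentities($myrow['data_payload']) : 'Empty';
// NOTE(review): the tooltip variants receive the stored value with <br/> separators and
// without an htmlentities() call, unlike the cell and PDF variants. Event payloads are
// text chosen by whoever generated the event; confirm the tooltip is encoded where it is
// rendered, or encode before wrapping.
$cell_tooltip['PAYLOAD'] = Util::wordwrap($myrow['data_payload'], 30, "<br/>", TRUE);
for ($u = 1; $u < 10; $u++) {
    $cell_data['USERDATA' . $u] = $myrow['userdata' . $u] != '' ? '<div class="siem_ellipsis">' . Util::htmlentities($myrow['userdata' . $u]) . '</div>' : '';
    $cell_pdfdata['USERDATA' . $u] = $myrow['userdata' . $u] != '' ? Util::htmlentities($myrow['userdata' . $u]) : 'Empty';
    $cell_tooltip['USERDATA' . $u] = Util::wordwrap($myrow['userdata' . $u], 30, "<br/>", TRUE);
}

// IDM-Reputation Data
// All of these are HTML-encoded and, apart from the last one visible here, centered.
$cell_data['SRC_USERDOMAIN'] = Util::htmlentities($myrow['src_userdomain']);
$cell_align['SRC_USERDOMAIN'] = "center";
$cell_data['DST_USERDOMAIN'] = Util::htmlentities($myrow['dst_userdomain']);
$cell_align['DST_USERDOMAIN'] = "center";
$cell_data['SRC_HOSTNAME'] = Util::htmlentities($myrow['src_hostname']);
$cell_align['SRC_HOSTNAME'] = "center";
$cell_data['DST_HOSTNAME'] = Util::htmlentities($myrow['dst_hostname']);
$cell_align['DST_HOSTNAME'] = "center";
$cell_data['SRC_MAC'] = Util::htmlentities($myrow['src_mac']);
$cell_align['SRC_MAC'] = "center";
$cell_data['DST_MAC'] = Util::htmlentities($myrow['dst_mac']);
$cell_align['DST_MAC'] = "center";
$cell_data['REP_PRIO_SRC'] = Util::htmlentities($myrow['REP_PRIO_SRC']);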