header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); require_once 'av_init.php'; Session::logcheck("analysis-menu", "EventsForensics"); $search = trim(GET('q')); $max = intval(GET('limit')); if (!$max) { $max = 50; } ossim_valid($search, OSS_NULLABLE, OSS_NOECHARS, OSS_ALPHA, OSS_SCORE, OSS_PUNC, 'illegal:' . _("search")); if (ossim_error()) { die; } $db = new ossim_db(TRUE); if (is_array($_SESSION['server']) && $_SESSION['server'][0] != '') { $conn = $db->custom_connect($_SESSION["server"][0], $_SESSION["server"][2], $_SESSION["server"][3]); } else { $conn = $db->connect(); } $params = array(); $filter = ''; if (!empty($search)) { $filter = 'WHERE INET6_NTOA(device_ip) LIKE CONCAT("%",?,"%")'; $params[] = $search; } $query = "SELECT DISTINCT INET6_NTOA(device_ip) as ip FROM alienvault_siem.device {$filter}"; $rs = $conn->Execute($query, $params); if ($rs) { while (!$rs->EOF) { echo $rs->fields['ip'] . "\n"; $rs->MoveNext();
} if (is_array($_SESSION['server']) && $_SESSION["server"][0] != '') { // Change connect variables $alert_host = $_SESSION['server'][0]; $alert_port = $_SESSION['server'][1]; $alert_user = $_SESSION['server'][2]; $alert_password = $_SESSION['server'][3]; $alert_ext_dbname = $_SESSION['server'][4]; $alert_dbname = preg_match("/\\_restore/", $alert_ext_dbname) ? $alert_ext_dbname : 'alienvault_siem'; $db_connect_method = DB_PCONNECT; $dbo = new ossim_db(); error_reporting(E_ERROR | E_PARSE); // Try to connect try { $dbo->enable_cache(); $conn_aux = $dbo->custom_connect($alert_port == "" ? $alert_host : $alert_host . ":" . $alert_port, $alert_user, $alert_password); } catch (Exception $e) { unset($_SESSION['server']); $w_html = sprintf(_('Warning! Unable to connect to <strong>%s (%s)</strong>.'), Util::htmlentities($alert_ext_dbname), Util::htmlentities($alert_host)); //$w_html .= ' '._('Connection has been restored to')." <a style='color: #9f6000; font-weight: bold;' href='base_qry_main.php?clear_allcriteria=1&num_result_rows=-1&submit=Query+DB¤t_view=-1&sort_order=time_d'>"._('local')."</a>."; $w_html .= '<div style="padding: 3px 0px;">' . _('In order to connect to the selected database, go to the <i>External Databases</i> section and follow the instructions provided by the help icon.') . '</div>'; $warning = new Av_warning('<div style="padding: 2px;">' . $w_html . '</div>'); $warning->display(); exit; } $dbo->close(); unset($dbo); error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); } $current_url = Util::get_ossim_url(); $events_report_type = 33;
<HR> <FORM METHOD="POST" ACTION="base_stat_ipaddr.php"> <?php if ($debug_mode == 1) { echo '<TABLE BORDER=1> <TR><TD>action</TD><TD>submit</TD><TD>ip</TD><TD>netmask</TD></TR> <TR><TD>' . $action . '</TD><TD>' . $submit . '</TD> <TD>' . $ip . '</TD><TD>' . $netmask . '</TD></TR> </TABLE>'; } /* Print the Statistics the IP address */ $db_object = new ossim_db(); if (is_array($_SESSION["server"]) && $_SESSION["server"][0] != "") { $conn_object = $db_object->custom_connect($_SESSION["server"][0], $_SESSION["server"][2], $_SESSION["server"][3]); } else { $conn_object = $db_object->connect(); } //$conn_object = $db_object->connect(); echo '<CENTER><B>' . $ip . '</B> ( '; ?> <a href="<?php echo Sensor::get_sensor_link($conn_object, $ip) . "/{$ip}.html"; ?> ">See host Detail</a> <?php $db_object->close($conn_object); echo ') <BR>FQDN: <B>'; if ($resolve_IP == 0) {