// Excerpt from a larger routine: $alarm, $conn, $src_port, $dst_port, $plugin_id,
// $plugin_sid, $backlog_id, $tz, $beep and $refresh_time_secs are all set before
// this point, outside the visible code.

// Look up the asset objects and network ids referenced by the alarm's event.
$event_info = $alarm->get_event_info();
$src_host   = Asset_host::get_object($conn, $event_info["src_host"]);
$dst_host   = Asset_host::get_object($conn, $event_info["dst_host"]);
$src_net_id = $event_info["src_net"];
$dst_net_id = $event_info["dst_net"];

// A non-zero port is replaced by ":<service>", a zero port by an empty suffix.
if ($src_port != 0) {
    $src_port = ":" . Port::port2service($conn, $src_port);
} else {
    $src_port = "";
}

if ($dst_port != 0) {
    $dst_port = ":" . Port::port2service($conn, $dst_port);
} else {
    $dst_port = "";
}

$ctxs = $alarm->get_sensors();

// Incongruent code
$risk = $alarm->get_risk();

if ($plugin_id != "" && $plugin_sid != "") {
    $csimilar = 0; //Change similar when we search by data source
}

// Stats: only the middle element of the returned triple is kept.
list($_a, $_stats, $_b) = Alarm::get_alarm_detail($conn, $backlog_id);
unset($_a, $_b);

// Label is left empty when there is no backlog id.
$event_count_label = "";

if ($backlog_id) {
    // Use the cached counter when stats are available, otherwise ask for the total.
    if (!empty($_stats)) {
        $event_count = $_stats["events"];
    } else {
        $event_count = Alarm::get_total_events($conn, $backlog_id, true);
    }

    $event_count_label = $event_count . " " . _("events");
}

$timestamp_utc = Util::get_utc_unixtime(Util::timestamp2date($alarm->get_timestamp())); // $alarm->get_last()

// Shift the UTC timestamp by $tz hours before formatting date and time.
$last  = gmdate("Y-m-d", $timestamp_utc + 3600 * $tz);
$hour  = gmdate("H:i:s", $timestamp_utc + 3600 * $tz);
$today = gmdate("Y-m-d");

$date          = Util::timestamp2date($alarm->get_timestamp());
$timestamp_utc = Util::get_utc_unixtime($date);

// Beep only when enabled, auto-refresh is on, and the alarm is no older than one refresh interval.
$beep_on = ($beep && $refresh_time_secs > 0 && (gmdate("U") - $timestamp_utc) <= $refresh_time_secs);
// Builds the HTML table of events belonging to one alarm backlog into $buffer.
// Excerpt: $box, $show_all, $backlog_id, $hide, $event_id, $from, $max_events and
// $conn are set outside the visible code, and the loop below continues past the
// end of this excerpt.
$plugin_sid_list = array();
$buffer = '';

// Table header row with the fixed columns.
$buffer .= "\n\t\t<table width='100%' class='table_list ajaxgreen'>\n\t\t\t<tr>\n\t\t\t\t<th>#</th>\n\t\t\t\t<th>" . _("Alarm") . "</th>\n\t\t\t\t<th>" . _("Risk") . "</th>\n\t\t\t\t<th>" . _("Date") . "</th>\n\t\t\t\t<th>" . _("Source") . "</th>\n\t\t\t\t<th>" . _("Destination") . "</th>\n\t\t\t\t<th>" . _("OTX") . "</th>\n\t\t";

if ($box == "1" && $show_all > 0) {
    // Sortable "Correlation Level" header: the two links call fill_table() with
    // sort mode 3 (ascending icon) or 2 (descending icon).
    // NOTE(review): $backlog_id and $hide are interpolated unescaped into a
    // single-quoted JavaScript argument that is itself placed inside an HTML
    // onclick attribute. Their validation is not visible in this excerpt; confirm
    // both are constrained (e.g. hex id / integer flag) before this point, or
    // encode them for the JavaScript-in-attribute context.
    $url_asc = "fill_table('{$backlog_id}', '', 3, '{$hide}', '', 1)";
    $url_desc = "fill_table('{$backlog_id}', '', 2, '{$hide}', '', 1)";
    // NOTE(review): the cell holding the "Correlation Level" label is followed by
    // an opening <td> where a closing </td> looks intended; verify the markup.
    $buffer .= "<th style='width:65px;white-space:normal;'>\n\t\t\t\t\t<div id='c_th_correlation'>\n\t\t\t\t\t<table class='transparent'>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<a href='javascript:;' onclick=\"{$url_desc}\"> \n <img id='sort_desc' src='/ossim/pixmaps/data_tables/sort_desc.png' border='0' align='top'/>\n </a>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . _("Correlation Level") . "\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<a href='javascript:;' onclick=\"{$url_asc}\">\n <img id='sort_asc' src='/ossim/pixmaps/data_tables/sort_asc.png' border='0' align='top'/> \n </a>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t\t</div>\n\t\t\t\t</th>";
} else {
    // Plain, non-sortable header.
    $buffer .= "<th style='width:60px;white-space:normal;'>" . _("Correlation Level") . "</th>";
}

$buffer .= "</tr>";

// Timezone correction
$tz = Util::get_timezone();

// Fetch the numbering, the page of events and the alarm detail for this backlog.
$alarms_numbering = Alarm::get_alarms_numbering($conn, $backlog_id);
list($alarm_list, $total_events) = Alarm::get_events($conn, $backlog_id, $show_all, $event_id, $from, $max_events, $alarms_numbering, true);
list($alarm_object, $event) = Alarm::get_alarm_detail($conn, $backlog_id);

if ($total_events > 0) {
    // Starting row number: when an event id is given and $from is positive,
    // start one row earlier; in every other case start at $from.
    $first_number = $event_id != '' ? $from > 0 ? $from - 1 : $from : $from;

    // Never start below zero.
    if ($first_number < 0) {
        $first_number = 0;
    }

    $count_events = $first_number;
    $count_jump = 0;

    foreach ($alarm_list as $alarm) {
        // Read the fields of the current event through the Alarm accessors.
        $id = $alarm->get_plugin_id();
        $sid = $alarm->get_plugin_sid();
        // Overwrites the $backlog_id used for the queries above with the value
        // carried by the current event.
        $backlog_id = $alarm->get_backlog_id();
        $risk = $alarm->get_risk();
        $ctx = $alarm->get_ctx();
        $aid = $alarm->get_event_id();
        $sid_name = $alarm->get_sid_name();
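// Entry script that loads one alarm by backlog id and prepares the values
// (timestamps, durations, ids) used to render its detail.

// Tell clients and proxies not to cache this response.
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");

require_once 'av_init.php';
require_once '../alarm_common.php';

// Permission gate for the alarms panel; it runs before any request parameter is
// read or any database access is made. (Session::logcheck is defined outside
// this file; presumably it stops the request for unauthorized users.)
Session::logcheck("analysis-menu", "ControlPanelAlarms");

// The backlog id must be hexadecimal. OSS_NULLABLE also lets an empty value
// through, so the code below must cope with an alarm that cannot be found.
$backlog = GET('backlog');
ossim_valid($backlog, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Backlog")); // Maybe nullable from Logger resolves

if (ossim_error()) {
    die(ossim_error());
}

$geoloc = new Geolocation("/usr/share/geoip/GeoLiteCity.dat");
$db = new ossim_db(TRUE);
$conn = $db->connect();
$tz = Util::get_timezone();

list($alarm, $event) = Alarm::get_alarm_detail($conn, $backlog);

// Stop cleanly when no alarm object came back (empty or unknown backlog id).
// Without this guard the first method call below is a fatal "member function
// on a non-object" error, which can expose file paths where errors are displayed.
if (!is_object($alarm)) {
    die(_('It was impossible to retrieve the alarm information'));
}

$stats = $alarm->get_stats();

// Alarm timestamp converted to UTC, then shifted by $tz hours for display.
$timestamp_utc = Util::get_utc_unixtime(Util::timestamp2date($alarm->get_timestamp()));
$last = gmdate("Y-m-d H:i:s", $timestamp_utc + 3600 * $tz);

// Duration between the first and last event, split into "<number> <unit>".
// When the text does not match the pattern both parts are null, which is the
// value the unguarded array access produced, minus the undefined-offset notice.
$alarm_time = get_alarm_life($alarm->get_since(), $alarm->get_last());
preg_match_all("/(\\d+)\\s(\\w+)/", strip_tags(trim($alarm_time)), $found);
$alarm_time_number = isset($found[1][0]) ? $found[1][0] : null;
$alarm_time_unit = isset($found[2][0]) ? $found[2][0] : null;

// Age of the alarm from its first event until now (UTC), split the same way.
$alarm_life = get_alarm_life($alarm->get_since(), gmdate("Y-m-d H:i:s"));
preg_match_all("/(\\d+)\\s(\\w+)/", strip_tags(trim($alarm_life)), $found);
$alarm_life_number = isset($found[1][0]) ? $found[1][0] : null;
$alarm_life_unit = isset($found[2][0]) ? $found[2][0] : null;

$show_total = false;
$removable = $alarm->get_removable();
$backlog_id = $alarm->get_backlog_id();
$event_id = $alarm->get_event_id();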
// Entry script for the alarm detail view: validates the backlog id, loads the
// alarm and stores its stats in the session. The excerpt ends inside the
// `if (!$error)` block, which continues beyond the visible code.
require_once 'av_init.php';
require_once 'alarm_common.php';

// Permission gate for the alarms panel; runs before any parameter is read.
// (Session::logcheck is defined outside this file; presumably it stops the
// request for unauthorized users.)
Session::logcheck("analysis-menu", "ControlPanelAlarms");

// Do not delete, this var is used in single_ip.php
$geoloc = new Geolocation("/usr/share/geoip/GeoLiteCity.dat");

/* connect to db */
$db = new ossim_db(TRUE);
$conn = $db->connect();
$tz = Util::get_timezone();

//Getting parameters
// The backlog id is mandatory here (no OSS_NULLABLE) and must be hexadecimal.
$backlog_id = GET('backlog');
ossim_valid($backlog_id, OSS_HEX, 'illegal:' . _("Backlog ID"));

if (ossim_error()) {
    die(ossim_error());
}

list($alarm, $stats, $event) = Alarm::get_alarm_detail($conn, $backlog_id);

// NOTE(review): the error is raised only when BOTH results are unusable. If
// $stats is an array while $alarm is not an object, execution continues and
// $alarm->get_event_id() below is called on a non-object. Checking
// !is_object($alarm) on its own would cover that case; confirm the intent.
if (!is_array($stats) && !is_object($alarm)) {
    $error = true;
    $error_msg = _('It was impossible to retrieve the alarm information');
}

// NOTE(review): $error is assigned only in the failure branch above; on the
// success path this reads a variable that is undefined unless an included file
// sets it. Confirm, or initialise it to false before the check.
if (!$error) {
    //This is to force the alarms to remember the position of the datatables
    $_SESSION["_alarm_keep_pagination"] = TRUE;

    //Storing in session necessary alarm info
    $_SESSION['_alarm_stats'] = $stats;
    $event_info = Alarm::get_event($conn, $alarm->get_event_id());
    $_SESSION['_alarm_stats']['event_info'] = $event_info;

    //alarm source and destination
    $src = $stats['src'];
    $dst = $stats['dst'];

    //Retrieving the alarm info for the detail