qroPrintEntry('<div id="sa' . $device_id . '">' . $num_src_ip . '</div>', 'center', 'middle', 'nowrap');
qroPrintEntry('<div id="da' . $device_id . '">' . $num_dst_ip . '</div>', 'center', 'middle', 'nowrap');
/*qroPrintEntry(BuildUniqueAlertLink("?sensor=" . $device_id) . $unique_event_cnt . '</A>');
qroPrintEntry(BuildUniqueAddressLink(1, "&sensor=" . $device_id) . $num_src_ip . '</A>');
qroPrintEntry(BuildUniqueAddressLink(2, "&sensor=" . $device_id) . $num_dst_ip . '</A>');*/
qroPrintEntryFooter();
$i++;
// report_data
$report_data[] = array($sname, $slnk, $num_src_ip, $num_dst_ip, "", "", $sensor_ip, $device_ip, "", "", "", 0, $event_cnt, $unique_event_cnt);
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $sensors_report_type);
$qs->SaveState();
echo "\n</FORM>\n";
PrintBASESubFooter();
$et->Mark("Get Query Elements");
$et->PrintTiming();
$db->baseClose();
// Do not load javascript if we are exporting with report_launcher.php
if (!$export) {
?>
<script>
var tmpimg = '<img alt="" src="data:image/gif;base64,R0lGODlhEAALAPQAAOPj4wAAAMLCwrm5udHR0QUFBQAAACkpKXR0dFVVVaamph4eHkJCQnt7e1lZWampqSEhIQMDA0VFRc3NzcHBwdra2jIyMsTExNjY2KKioo6OjrS0tNTU1AAAAAAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh/hpDcmVhdGVkIHdpdGggYWpheGxvYWQuaW5mbwAh+QQJCwAAACwAAAAAEAALAAAFLSAgjmRpnqSgCuLKAq5AEIM4zDVw03ve27ifDgfkEYe04kDIDC5zrtYKRa2WQgAh+QQJCwAAACwAAAAAEAALAAAFJGBhGAVgnqhpHIeRvsDawqns0qeN5+y967tYLyicBYE7EYkYAgAh+QQJCwAAACwAAAAAEAALAAAFNiAgjothLOOIJAkiGgxjpGKiKMkbz7SN6zIawJcDwIK9W/HISxGBzdHTuBNOmcJVCyoUlk7CEAAh+QQJCwAAACwAAAAAEAALAAAFNSAgjqQIRRFUAo3jNGIkSdHqPI8Tz3V55zuaDacDyIQ+YrBH+hWPzJFzOQQaeavWi7oqnVIhACH5BAkLAAAALAAAAAAQAAsAAAUyICCOZGme1rJY5kRRk7hI0mJSVUXJtF3iOl7tltsBZsNfUegjAY3I5sgFY55KqdX1GgIAIfkECQsAAAAsAAAAABAACwAABTcgII5kaZ4kcV2EqLJipmnZhWGXaOOitm2aXQ4g7P2Ct2ER4AMul00kj5g0Al8tADY2y6C+4FIIACH5BAkLAAAALAAAAAAQAAsAAAUvICCOZGme5ERRk6iy7qpyHCVStA3gNa/7txxwlwv2isSacYUc+l4tADQGQ1mvpBAAIfkECQsAAAAsAAAAABAACwAABS8gII5kaZ7kRFGTqLLuqnIcJVK0DeA1r/u3HHCXC/aKxJpxhRz6Xi0ANAZDWa+kEAA7AAAAAAAAAAAA" />';
var sens=new Array();
var pi = 0;
function load_content() {
if (pi>=sens.length) return;
qroPrintEntry($div2 . $d_country_img . BuildAddressLink($ip_dip, 32) . $ip_dip . '</A>' . $bdiv2, "", "", "nowrap");
if ($fqdn == "yes") {
qroPrintEntry('<FONT>' . $dip_fqdn . '</FONT>');
}
qroPrintEntry('<FONT>' . IPProto2str($proto) . '</FONT>');
$tmp = '<A HREF="base_stat_ports.php?port_type=2&proto=' . $proto . $tmp_ip_criteria . '">';
qroPrintEntry($tmp . $num_unique_dport . '</A>');
$tmp = '<A HREF="base_stat_alerts.php?foo=1' . $tmp_ip_criteria . '">';
qroPrintEntry($tmp . $num_unique . '</A>');
$tmp = '<A HREF="base_qry_main.php?new=1' . '&num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1' . $tmp_ip_criteria . '">';
qroPrintEntry($tmp . $num_occurances . '</A>');
qroPrintEntryFooter();
}
$i++;
// report_data
$report_data[] = array($ip_sip, '', $ip_dip, '', IPProto2str($proto), "", "", "", "", "", "", $num_unique_dport, $num_unique, $num_occurances, $s_country_img != '' || $d_country_img != '' ? $s_country_img . "####" . $d_country_img : '');
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $unique_iplinks_report_type);
$qs->SaveState();
echo "<input type='hidden' name='fqdn' value='" . Util::htmlentities($fqdn) . "'>\n";
echo "\n</FORM>\n";
PrintBASESubFooter();
$et->Mark("Get Query Elements");
$et->PrintTiming();
$db->baseClose();
echo "</body>\r\n</html>";
"><?php
echo Util::number_format_locale($country_uhn['dstnum'], 0);
?>
</a>
<?php
} else {
echo "0";
}
?>
</td>
</TR>
</TABLE>
</TD>
</tr>
<?php
$report_data[] = array($country, "", "", "", "", "", "", "", "", "", "", $country_uhn['Unknown'], $country_uhn['srcnum'] + $country_uhn['dstnum'], 0);
}
echo '</TABLE>';
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
//$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $unique_country_events_report_type);
$qs->SaveState();
ExportHTTPVar("addr_type", $addr_type);
PrintBASESubFooter();
$et->Mark("Get Query Elements");
$et->PrintTiming();
echo "</body>\r\n</html>";
geoip_close($gi);
} else {
$url_criteria = BuildDstIPFormVars($currentIP);
}
}
}
qroPrintEntry($num_sensors);
qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . $num_events . '</A>');
qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria . '">' . $num_sig . '</A>');
qroPrintEntry($num_ip);
if (file_exists("../kml/GoogleEarth.php")) {
qroPrintEntry("<a href='' onclick='window.open(\"../kml/TourConfig.php?type={$addr_type_name}&ip={$currentIP}\",\"IP {$currentIP} " . ($addr_type == 2 ? _("sources") : _("destinations")) . " - Goggle Earth API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_earth_icon.png' border='0'></a> <a href='' onclick='window.open(\"../kml/IPGoogleMap.php?type={$addr_type_name}&ip={$currentIP}\",\"IP {$currentIP} " . ($addr_type == 2 ? _("sources") : _("destinations")) . " - Goggle Maps API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_maps_icon.png' border='0'></a>");
}
qroPrintEntryFooter();
++$i;
// report_data
$report_data[] = array($currentIP, $slnk, $num_sig, $num_ip, "", "", "", "", "", "", "", intval($_GET['addr_type']), $num_sensors, $num_events);
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $unique_addr_report_type);
$qs->SaveState();
ExportHTTPVar("addr_type", $addr_type);
echo "\n</FORM>\n";
$et->Mark("Get Query Elements");
$et->PrintTiming();
PrintBASESubFooter();
echo "</body>\r\n</html>";
geoip_close($gi);
qroPrintEntry($sens, "center", "", "", $bgcolor);
qroPrintEntry(" {$product_type}", "left", "", "", $bgcolor);
qroPrintEntry(" <A class='usig' id='sg{$plugin_id}-{$ctx}' HREF='{$urlp}'>-</a>", "left", "", "", $bgcolor);
qroPrintEntry("<div id='ts{$plugin_id}-{$ctx}'>-</div>", "center", "", "nowrap", $bgcolor);
qroPrintEntryFooter();
$i++;
$prev_time = null;
// report_data
$report_data[] = array($plugin_name, $product_type, "", "", "", "", $timestamp, "", "", "", $sens, $total_occurances, 0, 0);
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $unique_plugins_report_type);
$qs->SaveState();
echo "\n</FORM>\n";
PrintBASESubFooter();
if ($debug_time_mode >= 1) {
$et->Mark("Get Query Elements");
$et->PrintTiming();
}
$db->baseClose();
// Do not load javascript if we are exporting with report_launcher.php
if (!$export) {
?>
<script>
var tmpimg = '<img alt="" src="data:image/gif;base64,R0lGODlhEAALAPQAAOPj4wAAAMLCwrm5udHR0QUFBQAAACkpKXR0dFVVVaamph4eHkJCQnt7e1lZWampqSEhIQMDA0VFRc3NzcHBwdra2jIyMsTExNjY2KKioo6OjrS0tNTU1AAAAAAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh/hpDcmVhdGVkIHdpdGggYWpheGxvYWQuaW5mbwAh+QQJCwAAACwAAAAAEAALAAAFLSAgjmRpnqSgCuLKAq5AEIM4zDVw03ve27ifDgfkEYe04kDIDC5zrtYKRa2WQgAh+QQJCwAAACwAAAAAEAALAAAFJGBhGAVgnqhpHIeRvsDawqns0qeN5+y967tYLyicBYE7EYkYAgAh+QQJCwAAACwAAAAAEAALAAAFNiAgjothLOOIJAkiGgxjpGKiKMkbz7SN6zIawJcDwIK9W/HISxGBzdHTuBNOmcJVCyoUlk7CEAAh+QQJCwAAACwAAAAAEAALAAAFNSAgjqQIRRFUAo3jNGIkSdHqPI8Tz3V55zuaDacDyIQ+YrBH+hWPzJFzOQQaeavWi7oqnVIhACH5BAkLAAAALAAAAAAQAAsAAAUyICCOZGme1rJY5kRRk7hI0mJSVUXJtF3iOl7tltsBZsNfUegjAY3I5sgFY55KqdX1GgIAIfkECQsAAAAsAAAAABAACwAABTcgII5kaZ4kcV2EqLJipmnZhWGXaOOitm2aXQ4g7P2Ct2ER4AMul00kj5g0Al8tADY2y6C+4FIIACH5BAkLAAAALAAAAAAQAAsAAAUvICCOZGme5ERRk6iy7qpyHCVStA3gNa/7txxwlwv2isSacYUc+l4tADQGQ1mvpBAAIfkECQsAAAAsAAAAABAACwAABS8gII5kaZ7kRFGTqLLuqnIcJVK0DeA1r/u3HHCXC/aKxJpxhRz6Xi0ANAZDWa+kEAA7AAAAAAAAAAAA" />';
var plots=new Array();
var pi = 0;
$div = '<div id="' . $current_dip . ';' . $ip_aux . '" class="HostReportMenu">';
$bdiv = '</div>';
$homelan = ($match_cidr = Net::is_ip_in_cache_cidr($_conn, $current_dip)) || in_array($current_dip, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$current_dip}'><img src=\"" . Host::get_homelan_icon($current_dip, $icons, $match_cidr, $_conn) . "\" border=0></a>" : "";
if ($homelan != "") {
$dlnk = "<img src='images/homelan.png' align='absmiddle' border=0 style='width:3mm'>";
$dlnkrd = $current_url . "/forensics/images/homelan.png";
}
}
//
$i++;
$report_data[] = array(trim(html_entity_decode($despues)), $myrow["timestamp"], $sip_aux . $current_sport, $slnkrd, $dip_aux . $current_dport, $dlnkrd, $current_url . "/forensics/bar2.php?value=" . $current_oasset_s . "&value2=" . $current_oasset_d . "&max=5", $current_url . "/forensics/bar2.php?value=" . $current_oprio . "&max=5", $current_url . "/forensics/bar2.php?value=" . $current_oreli . "&max=9", $current_url . "/forensics/bar2.php?value=" . $current_oriskc . "&value2=" . $current_oriska . "&max=9&range=1", IPProto2str($current_proto), $rowid, $myrow["sid"], $myrow["cid"]);
}
$result->baseFreeRows();
$dbo->close($_conn);
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $events_report_type);
$qs->SaveState();
?>
<form action="base_timeline.php" id="ftl">
<table cellpadding=0 cellspacing=0 width="100%">
<tr>
<td align="left" style="padding-top:3px">
<img src="../pixmaps/arrow_green.gif" border=0 align="absmiddle"> <?php
echo _("Timeline resolution");
?>
:
<input type="radio" name="resolution" onclick="$('#ftl').submit()" value="s"<?php
echo $resolution == "s" ? " checked" : "";
?>
> <?php
echo _("Seconds");
$hasta = strtotime($_SESSION["time"][1][4] . "-" . $_SESSION["time"][1][2] . "-" . $_SESSION["time"][1][3] . ' ' . $_SESSION['time'][1][5] . ':' . $_SESSION['time'][1][6] . ':' . $_SESSION['time'][1][7]);
$trdata = array($desde, $hasta, "range");
}
list($x, $y, $xticks, $xlabels) = range_graphic($trdata);
if (count($y) > 1) {
//echo "SQLG:$sqlgraph -->";
$res = $qs->ExecuteOutputQueryNoCanned($sqlgraph, $db);
//echo " COUNT:".$res->baseRecordCount()."<br>";
while ($rowgr = $res->baseFetchRow()) {
//print_r($rowgr);
$label = trim($rowgr[1] . " " . $rowgr[2]);
if (isset($y[$label]) && $y[$label] == 0) {
$y[$label] = $rowgr[0];
}
//echo "$label = $rowgr[0] <br>";
}
// Report data
$gdata = array();
foreach ($y as $label => $val) {
$gdata[] = array($label, "", "", "", "", "", "", "", "", "", "", $val, 0, 0);
}
$qs->SaveReportData($gdata, $graph_report_type);
//print_r($xlabels);print_r($xticks);print_r ($x);print_r ($y);
$plot = plot_graphic("plotareaglobal", 60, 600, $x, $y, $xticks, $xlabels, true, 'base_qry_main.php?num_result_rows=-1¤t_view=-1');
//echo "PLOT:".Util::htmlentities($plot).".";
echo $plot;
$res->baseFreeRows();
} else {
echo '<div class="plot_msg">' . _('Trend graph is not available with this date range') . '</div>';
}
echo "</body></html>";
qroPrintEntry($sens, 'center', 'middle');
qroPrintEntry('<A HREF="base_qry_main.php?' . $url_param . '&new=1&submit=' . gettext("Query DB") . '&sort_order=sig_a">' . Util::number_format_locale($num_events, 0) . '</A>', 'center', 'middle');
qroPrintEntry('<A HREF="base_stat_alerts.php?' . $url_param . '&&sort_order=occur_d">' . Util::number_format_locale($num_sig, 0) . '</A>', 'center', 'middle');
$pid = $myrow[0] . '-' . $ctx;
qroPrintEntry('<div class="upr" id="us' . $pid . '">-</div>', 'center', 'middle');
qroPrintEntry('<div id="ud' . $pid . '">-</div>', 'center', 'middle');
qroPrintEntryFooter();
++$i;
// report_data
$report_data[] = array(trim($crPort), $num_sig, $num_sip, $num_dip, $first_time, $last_time, "", "", "", "", $sens, $proto < 0 ? 0 : ($proto == TCP ? 1 : 2), 0, $num_events);
}
$result->baseFreeRows();
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $port_type == SOURCE_PORT ? $src_port_report_type : $dst_port_report_type);
$qs->SaveState();
ExportHTTPVar("port_type", $port_type);
ExportHTTPVar("proto", $proto);
echo "\n</FORM>\n";
PrintBASESubFooter();
$et->Mark("Get Query Elements");
$et->PrintTiming();
$db->baseClose();
// Do not load javascript if we are exporting with report_launcher.php
if (!$export) {
?>
<script>
var tmpimg = '<img alt="" src="data:image/gif;base64,R0lGODlhEAALAPQAAOPj4wAAAMLCwrm5udHR0QUFBQAAACkpKXR0dFVVVaamph4eHkJCQnt7e1lZWampqSEhIQMDA0VFRc3NzcHBwdra2jIyMsTExNjY2KKioo6OjrS0tNTU1AAAAAAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh/hpDcmVhdGVkIHdpdGggYWpheGxvYWQuaW5mbwAh+QQJCwAAACwAAAAAEAALAAAFLSAgjmRpnqSgCuLKAq5AEIM4zDVw03ve27ifDgfkEYe04kDIDC5zrtYKRa2WQgAh+QQJCwAAACwAAAAAEAALAAAFJGBhGAVgnqhpHIeRvsDawqns0qeN5+y967tYLyicBYE7EYkYAgAh+QQJCwAAACwAAAAAEAALAAAFNiAgjothLOOIJAkiGgxjpGKiKMkbz7SN6zIawJcDwIK9W/HISxGBzdHTuBNOmcJVCyoUlk7CEAAh+QQJCwAAACwAAAAAEAALAAAFNSAgjqQIRRFUAo3jNGIkSdHqPI8Tz3V55zuaDacDyIQ+YrBH+hWPzJFzOQQaeavWi7oqnVIhACH5BAkLAAAALAAAAAAQAAsAAAUyICCOZGme1rJY5kRRk7hI0mJSVUXJtF3iOl7tltsBZsNfUegjAY3I5sgFY55KqdX1GgIAIfkECQsAAAAsAAAAABAACwAABTcgII5kaZ4kcV2EqLJipmnZhWGXaOOitm2aXQ4g7P2Ct2ER4AMul00kj5g0Al8tADY2y6C+4FIIACH5BAkLAAAALAAAAAAQAAsAAAUvICCOZGme5ERRk6iy7qpyHCVStA3gNa/7txxwlwv2isSacYUc+l4tADQGQ1mvpBAAIfkECQsAAAAsAAAAABAACwAABS8gII5kaZ7kRFGTqLLuqnIcJVK0DeA1r/u3HHCXC/aKxJpxhRz6Xi0ANAZDWa+kEAA7AAAAAAAAAAAA" />';
var plots=new Array();
var pi = 0;
