Exemplo n.º 1
0
    if ($no_ip) {
        $url_criteria_src = BuildSrcIPFormVars(NULL_IP);
    } else {
        $url_criteria_src = BuildSrcIPFormVars($currentIP);
    }
    if ($no_ip) {
        $url_criteria_dst = BuildDstIpFormVars(NULL_IP);
    } else {
        $url_criteria_dst = BuildDstIPFormVars($currentIP);
    }
    qroPrintEntry($num_sensors);
    qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . $num_events . '</A>');
    qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_src . '">' . $num_sig_src . '</A>');
    qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_dst . '">' . $num_sig_dst . '</A>');
    qroPrintEntry($num_sip);
    qroPrintEntry($num_dip);
    qroPrintEntryFooter();
    ++$i;
    /* report_data
       $report_data[] = array (
           $currentIP, $slnk,
           $num_sig, $num_ip,
           "", "", "", "", "", "", "",
           intval($_GET['addr_type']), $num_sensors , $num_events
       );*/
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
Exemplo n.º 2
0
        qroPrintEntry('<img src="images/dash.png" border="0">');
        qroPrintEntry($div2 . $d_country_img . BuildAddressLink($ip_dip, 32) . $ip_dip . '</A>' . $bdiv2, "", "", "nowrap");
        if ($fqdn == "yes") {
            qroPrintEntry('<FONT>' . $dip_fqdn . '</FONT>');
        }
        $p_name = Protocol::get_protocol_by_number($proto, TRUE);
        if (FALSE === $p_name) {
            $p_name = _('UNKNOWN');
        }
        qroPrintEntry('<FONT>' . $p_name . '</FONT>');
        $tmp = '<A HREF="base_stat_ports.php?port_type=2&amp;proto=' . $proto . $tmp_ip_criteria . '">';
        qroPrintEntry($tmp . Util::number_format_locale($num_unique_dport, 0) . '</A>');
        $tmp = '<A HREF="base_stat_alerts.php?foo=1' . $tmp_ip_criteria . '">';
        qroPrintEntry($tmp . Util::number_format_locale($num_unique, 0) . '</A>');
        $tmp = '<A HREF="base_qry_main.php?new=1' . '&amp;num_result_rows=-1' . '&amp;submit=' . gettext("Query DB") . '&amp;current_view=-1' . $tmp_ip_criteria . '">';
        qroPrintEntry($tmp . Util::number_format_locale($num_occurances, 0) . '</A>');
        qroPrintEntryFooter();
    }
    $i++;
    // report_data
    $p_name = Protocol::get_protocol_by_number($proto, TRUE);
    if (FALSE === $p_name) {
        $p_name = '';
    }
    $report_data[] = array($ip_sip, '', $ip_dip, '', $p_name, "", "", "", "", "", "", $num_unique_dport, $num_unique, $num_occurances, $s_country_img != '' || $d_country_img != '' ? $s_country_img . "####" . $d_country_img : '');
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
Exemplo n.º 3
0
        $cname["name"] = _("Unknown");
    }
    # Don't show unknown categories? put continue;
    if ($subcat) {
        $urlp = "base_qry_main.php?search=1&sensor=&bsf=Query+DB&search_str=&sip=&ossim_risk_a=+";
    } else {
        $urlp = "base_stat_categories.php?sort_order=occur_d";
    }
    $urlp .= $subcat ? "&category%5B1%5D=" . $category_id . "&category%5B0%5D=" . $_SESSION["category"][0] : "&category%5B1%5D=&category%5B0%5D=" . $category_id;
    $tmpid = $subcat ? $_SESSION["category"][0] . "_" . $category_id : $category_id;
    qroPrintEntryHeader($i);
    qroPrintEntry('&nbsp;<a href="' . $urlp . '">' . str_replace("_", "", $cname["name"]) . '</a>', 'left', "", "nowrap", $bgcolor);
    qroPrintEntry('&nbsp;<a href="' . $urlp . '">' . Util::number_format_locale($total_occurances, 0) . '</a>', "center", "", "", $bgcolor);
    qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)), "center", "", "", $bgcolor);
    qroPrintEntry("<A class='usig' id='sg{$tmpid}-{$ctx}' HREF='{$urlp}'>" . $last_signature . "</a>", "left", "", "", $bgcolor);
    qroPrintEntry("<div id='ts{$tmpid}-{$ctx}'>-</div>", "center", "", "nowrap", $bgcolor);
    qroPrintEntryFooter();
    $i++;
    $prev_time = null;
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveState();
echo "\n</FORM>\n";
PrintBASESubFooter();
if ($debug_time_mode >= 1) {
    $et->Mark("Get Query Elements");
    $et->PrintTiming();
Exemplo n.º 4
0
    $_conn = $dbo->custom_connect($_SESSION["server"][0], $_SESSION["server"][2], $_SESSION["server"][3]);
} else {
    $_conn = $dbo->connect();
}
while (($myrow = $result->baseFetchRow()) && $i < $qs->GetDisplayRowCnt()) {
    $ctx = $myrow["ctx"];
    $product_type = GetSourceType($myrow["product_type"], $db);
    $total_occurances = $myrow["events"];
    $urlp = "base_qry_main.php?new=1&submit=" . gettext("Query DB") . "&sourcetype=" . urlencode($myrow["product_type"]);
    //$urlp = "base_stat_ptypes.php?sort=occur_d&sourcetype=".urlencode($myrow["product_type"]);
    qroPrintEntryHeader($i);
    qroPrintEntry('&nbsp;&nbsp<a href="' . $urlp . '">' . $product_type . '</a>', 'left', "", "nowrap");
    qroPrintEntry('&nbsp;<a href="' . $urlp . '">' . Util::number_format_locale($total_occurances, 0) . '</a>', "center", "", "");
    qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)), "center", "", "");
    qroPrintEntry("&nbsp<A class='usig' id='sg" . $myrow["product_type"] . "-{$ctx}' HREF='{$urlp}'>-</a>", "left", "", "");
    qroPrintEntry("<div id='ts" . $myrow["product_type"] . "-{$ctx}'>-</div>", "center", "", "nowrap");
    qroPrintEntryFooter();
    $i++;
    $prev_time = null;
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveState();
echo "\n</FORM>\n";
PrintBASESubFooter();
if ($debug_time_mode >= 1) {
    $et->Mark("Get Query Elements");
    $et->PrintTiming();
Exemplo n.º 5
0
            $tmp_rowid = -1 . "_";
        }
    }
    $port_type == SOURCE_PORT ? $tmp_rowid .= SOURCE_PORT : ($tmp_rowid .= DEST_PORT);
    $tmp_rowid .= "_" . $myrow[0] . "_" . $ctx;
    echo '    <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';
    echo '        <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';
    echo '    </TD>';
    qroPrintEntry($currentPort);
    //qroPrintEntry('<A HREF="base_stat_sensor.php?' . $url_param . '">' . $num_sensors . '</A>');
    $sens = Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db));
    qroPrintEntry($sens);
    qroPrintEntry('<A HREF="base_qry_main.php?' . $url_param . '&amp;new=1&amp;submit=' . gettext("Query DB") . '&amp;sort_order=sig_a">' . $num_events . '</A>');
    qroPrintEntry('<A HREF="base_stat_alerts.php?' . $url_param . '&amp;&sort_order=occur_d">' . $num_sig . '</A>');
    qroPrintEntry('<A HREF="base_stat_uaddr.php?' . $url_param . '&amp;addr_type=1' . '&amp;sort_order=addr_a">' . $num_sip);
    qroPrintEntry('<A HREF="base_stat_uaddr.php?' . $url_param . '&amp;addr_type=2' . '&amp;sort_order=addr_a">' . $num_dip);
    qroPrintEntryFooter();
    ++$i;
    // report_data
    $report_data[] = array(trim($crPort), $num_sig, $num_sip, $num_dip, $first_time, $last_time, "", "", "", "", $sens, $proto < 0 ? 0 : ($proto == TCP ? 1 : 2), 0, $num_events);
}
$result->baseFreeRows();
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $port_type == SOURCE_PORT ? $src_port_report_type : $dst_port_report_type);
$qs->SaveState();
ExportHTTPVar("port_type", $port_type);
ExportHTTPVar("proto", $proto);
echo "\n</FORM>\n";
PrintBASESubFooter();
Exemplo n.º 6
0
        }
    } else {
        if ($addr_type == 2) {
            if ($no_ip) {
                $url_criteria = BuildDstIpFormVars(NULL_IP);
            } else {
                $url_criteria = BuildDstIPFormVars($currentIP);
            }
        }
    }
    qroPrintEntry($num_sensors);
    qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . $num_events . '</A>');
    qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria . '">' . $num_sig . '</A>');
    qroPrintEntry($num_ip);
    if (file_exists("../kml/GoogleEarth.php")) {
        qroPrintEntry("<a href='' onclick='window.open(\"../kml/TourConfig.php?type={$addr_type_name}&ip={$currentIP}\",\"IP {$currentIP} " . ($addr_type == 2 ? _("sources") : _("destinations")) . " - Goggle Earth API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_earth_icon.png' border='0'></a>&nbsp;&nbsp;<a href='' onclick='window.open(\"../kml/IPGoogleMap.php?type={$addr_type_name}&ip={$currentIP}\",\"IP {$currentIP} " . ($addr_type == 2 ? _("sources") : _("destinations")) . " - Goggle Maps API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_maps_icon.png' border='0'></a>");
    }
    qroPrintEntryFooter();
    ++$i;
    // report_data
    $report_data[] = array($currentIP, $slnk, $num_sig, $num_ip, "", "", "", "", "", "", "", intval($_GET['addr_type']), $num_sensors, $num_events);
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $unique_addr_report_type);
$qs->SaveState();
ExportHTTPVar("addr_type", $addr_type);
echo "\n</FORM>\n";
Exemplo n.º 7
0
    qroPrintEntry("{$antes} <a href='{$siglink}' class='qlink'>" . trim($despues) . "</a>", "left", "", "style='vertical-align:middle'");
    //qroPrintEntry(BuildSigByID($sig_id, $db),"left","middle");
    $ocurrlink = 'base_qry_main.php?new=1&amp;sig%5B0%5D=%3D&amp;sig%5B1%5D=' . urlencode($sig_id) . '&amp;sig_type=1' . '&amp;submit=' . gettext("Query DB") . '&amp;num_result_rows=-1';
    //$perc = (($avoid_counts != 1) ? ('&nbsp;(' . (round($total_occurances / $event_cnt * 100)) . '%)') : (''));
    $pid = $myrow["plugin_id"] . "-" . $myrow["plugin_sid"];
    qroPrintEntry('<A HREF="' . $ocurrlink . '" id="occur' . $pid . '" class="qlink">' . Util::number_format_locale($total_occurances, 0) . '</A>' . $perc, 'center', 'middle', 'nowrap');
    if ($db->baseGetDBversion() >= 100) {
        $addr_link = '&amp;sig_type=1&amp;sig%5B0%5D=%3D&amp;sig%5B1%5D=' . urlencode($sig_id);
    } else {
        $addr_link = '&amp;sig%5B0%5D=%3D&amp;sig%5B1%5D=' . urlencode($sigstr);
    }
    qroPrintEntry(BuildUniqueAddressLink(1, $addr_link, '', 'qlink') . Util::number_format_locale($num_src_ip, 0) . '</A>', 'center', 'middle', 'nowrap');
    qroPrintEntry(BuildUniqueAddressLink(2, $addr_link, '', 'qlink') . Util::number_format_locale($num_dst_ip, 0) . '</A>', 'center', 'middle', 'nowrap');
    qroPrintEntry('<div id="le' . $pid . '" style="padding:0px 4px"></div>', 'center', 'middle', 'nowrap');
    // GRAPH
    qroPrintEntry('<div id="plotarea' . $pid . '" class="plot"></div>', 'center', 'middle');
    qroPrintEntryFooter();
    $i++;
    $prev_time = null;
    // report_data
    $report_data[] = array(trim(html_entity_decode($despues)), html_entity_decode($total_occurances . $perc), "", "", "", "", "", "", "", "", "", 0, $num_src_ip, $num_dst_ip);
}
$result->baseFreeRows();
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $unique_events_report_type);
$qs->SaveState();
echo "\n</FORM>\n";
PrintBASESubFooter();
if ($debug_time_mode >= 1) {
    /*echo '  <TD nowrap '.$bgcolor.'>&nbsp;&nbsp;
                   <INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">
                   &nbsp;&nbsp;
               </TD>';
      echo '      <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';*/
    $urlp = "base_qry_main.php?search=1&sensor=&bsf=Query+DB&search_str=&sip=&ossim_risk_a=+&plugin={$plugin_id}";
    qroPrintEntryHeader($i);
    qroPrintEntry('&nbsp;&nbsp;&nbsp;<a href="' . $urlp . '">' . $plugin_name . '</a>', 'left', "", "nowrap", $bgcolor);
    qroPrintEntry('&nbsp;<a href="' . $urlp . '">' . $total_occurances . '</a>', "center", "", "", $bgcolor);
    $sens = Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db));
    qroPrintEntry($sens, "center", "", "", $bgcolor);
    qroPrintEntry("&nbsp;&nbsp;&nbsp;{$product_type}", "left", "", "", $bgcolor);
    //qroPrintEntry('<FONT>' . '' . $sid_id . '' . (($avoid_counts != 1) ? ('(' . (round($total_occurances / $event_cnt * 100)) . '%)') : ('')) . '</FONT>', 'center', 'top', 'nowrap', $bgcolor);
    //qroPrintEntry("<A HREF='base_qry_alert.php?submit=" . rawurlencode($submit) . "&amp;sort_order='>".$last_signature."</a>","left","","",$bgcolor);
    qroPrintEntry("&nbsp;<A HREF='{$urlp}'>" . $last_signature . "</a>", "left", "", "", $bgcolor);
    qroPrintEntry($timestamp, "center", "", "nowrap", $bgcolor);
    qroPrintEntryFooter();
    $i++;
    $prev_time = null;
    // report_data
    $report_data[] = array($plugin_name, $last_signature, "", "", "", "", $timestamp, "", "", "", $sens, $total_occurances, 0, 0);
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $unique_plugins_report_type);
$qs->SaveState();
echo "\n</FORM>\n";
PrintBASESubFooter();
Exemplo n.º 9
0
        }
    }
    $port_type == SOURCE_PORT ? $tmp_rowid .= SOURCE_PORT : ($tmp_rowid .= DEST_PORT);
    $tmp_rowid .= "_" . $myrow[0] . "_" . $ctx;
    echo '    <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';
    echo '        <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';
    echo '    </TD>';
    qroPrintEntry($currentPort, 'center', 'middle');
    //qroPrintEntry('<A HREF="base_stat_sensor.php?' . $url_param . '">' . $num_sensors . '</A>');
    $sens = Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db));
    qroPrintEntry($sens, 'center', 'middle');
    qroPrintEntry('<A HREF="base_qry_main.php?' . $url_param . '&amp;new=1&amp;submit=' . gettext("Query DB") . '&amp;sort_order=sig_a">' . Util::number_format_locale($num_events, 0) . '</A>', 'center', 'middle');
    qroPrintEntry('<A HREF="base_stat_alerts.php?' . $url_param . '&amp;&sort_order=occur_d">' . Util::number_format_locale($num_sig, 0) . '</A>', 'center', 'middle');
    $pid = $myrow[0] . '-' . $ctx;
    qroPrintEntry('<div class="upr" id="us' . $pid . '">-</div>', 'center', 'middle');
    qroPrintEntry('<div id="ud' . $pid . '">-</div>', 'center', 'middle');
    qroPrintEntryFooter();
    ++$i;
    // report_data
    $report_data[] = array(trim($crPort), $num_sig, $num_sip, $num_dip, $first_time, $last_time, "", "", "", "", $sens, $proto < 0 ? 0 : ($proto == TCP ? 1 : 2), 0, $num_events);
}
$result->baseFreeRows();
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $port_type == SOURCE_PORT ? $src_port_report_type : $dst_port_report_type);
$qs->SaveState();
ExportHTTPVar("port_type", $port_type);
ExportHTTPVar("proto", $proto);
echo "\n</FORM>\n";
PrintBASESubFooter();
Exemplo n.º 10
0
    //($addr_type == SOURCE_IP) ? ($src_ip = $myrow[0]) : ($dst_ip = $myrow[0]);
    //$tmp_rowid = $src_ip . "_" . $dst_ip;
    //echo '    <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';
    //echo '    <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '"></TD>';
    /* Check for a NULL IP which indicates an event (e.g. portscan)
     * which has no IP
     */
    qroPrintEntry(BuildIDMLink($currentIP, $field, $source) . $currentIP . '</A>&nbsp;', 'center', '', 'nowrap');
    /* Print # of Occurances */
    $tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&amp;submit=' . gettext("Query DB") . '&amp;current_view=-1';
    $tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&amp;submit=' . gettext("Query DB") . '&amp;current_view=-1&sort_order=occur_d';
    $url_criteria = BuildIDMVars($currentIP, $field, $source);
    qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)));
    qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . $num_events . '</A>');
    qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria . '">' . $num_sig . '</A>');
    qroPrintEntry($num_ip);
    qroPrintEntryFooter();
    ++$i;
}
$result->baseFreeRows();
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveState();
ExportHTTPVar("addr_type", $addr_type);
echo "\n</FORM>\n<br>";
$et->Mark("Get Query Elements");
$et->PrintTiming();
PrintBASESubFooter();
$db->baseClose();
echo "</body>\r\n</html>";
Exemplo n.º 11
0
    $cell_data['PASSWORD'] = wordwrap($myrow['password'], 25, " ", true);
    $cell_data['FILENAME'] = wordwrap($myrow['filename'], 25, " ", true);
    $cell_data['PAYLOAD'] = wordwrap($myrow['data_payload'], 25, " ", true);
    for ($u = 1; $u < 10; $u++) {
        $cell_data['USERDATA' . $u] = $i < 9 ? wordwrap($myrow['userdata' . $u], 25, " ", true) : $myrow['userdata' . $u];
    }
    $cc = $i % 2 == 0 ? "class='par'" : "";
    //$htmlPdfReport->set("<tr $cc>\n");
    foreach ($_SESSION['views'][$_SESSION['current_cview']]['cols'] as $colname) {
        if ($cell_data[$colname] == "") {
            $cell_data[$colname] = "<font style='color:gray'><i>Empty</i></font>";
        }
        if ($cell_tooltip[$colname] != "") {
            qroPrintEntryTooltip($cell_data[$colname], $cell_align[$colname], "", $cell_more[$colname], $cell_tooltip[$colname]);
        } else {
            qroPrintEntry($cell_data[$colname], $cell_align[$colname], "", $cell_more[$colname]);
        }
        //$w = ($current_cols_widths[$colname]!="") ? "style='width:".$current_cols_widths[$colname]."'" : "";
        //$htmlPdfReport->set("<td class='siem' $w align='".$cell_align[$colname]."'>".($cell_pdfdata[$colname]!="" ? $cell_pdfdata[$colname] : $cell_data[$colname])."</td>\n");
    }
    //$htmlPdfReport->set("</tr>\n");
    qroPrintEntryFooter();
    $i++;
    /*if ( ($current_proto == 6) || ($current_proto == 17) )
      {
      $result4->baseFreeRows();
      $myrow4[0] = $myrow4[1] = "";
      }*/
    /* report_data */
    $report_data[] = array(trim(html_entity_decode($despues)), $tzdate, $sip_aux . $current_sport, $slnkrd, $dip_aux . $current_dport, $dlnkrd, $current_url . "/forensics/bar2.php?value=" . $current_oasset_s . "&value2=" . $current_oasset_d . "&max=5", $current_url . "/forensics/bar2.php?value=" . $current_oprio . "&max=5", $current_url . "/forensics/bar2.php?value=" . $current_oreli . "&max=9", $current_url . "/forensics/bar2.php?value=" . $current_oriskc . "&value2=" . $current_oriska . "&max=9&range=1", IPProto2str($current_proto), $rowid, $myrow["sid"], $myrow["cid"]);
}
Exemplo n.º 12
0
    // Print Columns
    foreach ($_SESSION['views'][$_SESSION['current_cview']]['cols'] as $colname) {
        if ($cell_data[$colname] == "") {
            $cell_data[$colname] = "<font style='color:gray'><i>Empty</i></font>";
        }
        if ($cell_tooltip[$colname] != "") {
            qroPrintEntryTooltip($cell_data[$colname], $cell_align[$colname], "", $cell_more[$colname], $cell_tooltip[$colname]);
        } else {
            qroPrintEntry($cell_data[$colname], $cell_align[$colname], "", $cell_more[$colname]);
        }
        //$w = ($current_cols_widths[$colname]!="") ? "style='width:".$current_cols_widths[$colname]."'" : "";
        //$htmlPdfReport->set("<td class='siem' $w align='".$cell_align[$colname]."'>".($cell_pdfdata[$colname]!="" ? $cell_pdfdata[$colname] : $cell_data[$colname])."</td>\n");
    }
    //$htmlPdfReport->set("</tr>\n");
    // Empty cell for custom views th header
    qroPrintEntry("");
    qroPrintEntryFooter();
    $i++;
    /*if ( ($current_proto == 6) || ($current_proto == 17) )
      {
      $result4->baseFreeRows();
      $myrow4[0] = $myrow4[1] = "";
      }*/
    /* report_data */
    foreach ($cell_data as $key => $cdata) {
        $cell_csvdata[$key] = $cell_pdfdata[$key] != "" ? $cell_pdfdata[$key] : str_replace("<font style='color:gray'><i>Empty</i></font>", "Empty", $cell_data[$key]);
    }
    $report_cell_data = json_encode($cell_csvdata);
    $report_data[] = array(trim(mb_convert_encoding($despues, "UTF-8", "HTML-ENTITIES")), $tzdate, $src_name . $current_sport, "", $dst_name . $current_dport, "", $current_url . "/forensics/bar2.php?value=" . $current_oasset_s . "&value2=" . $current_oasset_d . "&max=5", $current_url . "/forensics/bar2.php?value=" . $current_oprio . "&max=5", $current_url . "/forensics/bar2.php?value=" . $current_oreli . "&max=9", $current_url . "/forensics/bar2.php?value=" . $current_maxrisk . "&max=9&range=1", Session::is_pro() ? $cell_data['ENTITY'] : ($sensor_name != "" ? $sensor_name : _("N/A")), 0, 0, 0, $report_cell_data);
}
$result->baseFreeRows();
Exemplo n.º 13
0
        } else {
            $tmp_rowid = -1 . "_";
        }
    }
    $port_type == SOURCE_PORT ? $tmp_rowid .= SOURCE_PORT : ($tmp_rowid .= DEST_PORT);
    $tmp_rowid .= "_" . $myrow[0];
    echo '    <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '"></TD>';
    echo '        <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';
    qroPrintEntry($currentPort);
    qroPrintEntry('<A HREF="base_stat_sensor.php?' . $url_param . '">' . $num_sensors . '</A>');
    qroPrintEntry('<A HREF="base_qry_main.php?' . $url_param . '&amp;new=1&amp;submit=' . gettext("Query+DB") . '&amp;sort_order=sig_a">' . $num_events . '</A>');
    qroPrintEntry('<A HREF="base_stat_alerts.php?' . $url_param . '&amp;&sort_order=occur_d">' . $num_sig . '</A>');
    qroPrintEntry('<A HREF="base_stat_uaddr.php?' . $url_param . '&amp;addr_type=1' . '&amp;sort_order=addr_a">' . $num_sip);
    qroPrintEntry('<A HREF="base_stat_uaddr.php?' . $url_param . '&amp;addr_type=2' . '&amp;sort_order=addr_a">' . $num_dip);
    qroPrintEntry($first_time);
    qroPrintEntry($last_time);
    qroPrintEntryFooter();
    ++$i;
    // report_data
    $report_data[] = array(trim($crPort), $num_sig, $num_sip, $num_dip, $first_time, $last_time, "", "", "", "", "", $proto < 0 ? 0 : ($proto == TCP ? 1 : 2), $num_sensors, $num_events);
}
$result->baseFreeRows();
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $port_type == SOURCE_PORT ? $src_port_report_type : $dst_port_report_type);
$qs->SaveState();
ExportHTTPVar("port_type", $port_type);
ExportHTTPVar("proto", $proto);
echo "\n</FORM>\n";
PrintBASESubFooter();
Exemplo n.º 14
0
        $cell_align['REP_ACT_SRC'] = "center";
        $cell_data['REP_ACT_DST'] = str_replace("&amp;", "&", Util::htmlentities($myrow['REP_ACT_DST']));
        $cell_align['REP_ACT_DST'] = "center";
        // Print Columns
        foreach ($_SESSION['views'][$_SESSION['current_cview']]['cols'] as $colname) {
            if ($cell_data[$colname] == "") {
                $cell_data[$colname] = "<font style='color:gray'><i>Empty</i></font>";
            }
            if ($cell_tooltip[$colname] != "") {
                qroPrintEntryTooltip($cell_data[$colname], $cell_align[$colname], "", $cell_more[$colname], $cell_tooltip[$colname]);
            } else {
                qroPrintEntry($cell_data[$colname], $cell_align[$colname], "", $cell_more[$colname]);
            }
        }
        /* Details link */
        qroPrintEntry($linkd, 'center', 'middle', "width='26px'");
        qroPrintEntryFooter();
        $i++;
        /* report_data */
        foreach ($cell_data as $key => $cdata) {
            $cell_csvdata[$key] = $cell_pdfdata[$key] != "" ? $cell_pdfdata[$key] : str_replace("<font style='color:gray'><i>Empty</i></font>", "Empty", $cell_data[$key]);
        }
        $report_cell_data = json_encode($cell_csvdata);
        $report_data[] = array(trim($despues), $tzdate, $src_name . $current_sport, "", $dst_name . $current_dport, "", $current_url . "/forensics/bar2.php?value=" . $current_oasset_s . "&value2=" . $current_oasset_d . "&max=5", $current_url . "/forensics/bar2.php?value=" . $current_oprio . "&max=5", $current_url . "/forensics/bar2.php?value=" . $current_oreli . "&max=9", $current_url . "/forensics/bar2.php?value=" . $current_maxrisk . "&max=9&range=1", Session::is_pro() ? $cell_data['ENTITY'] : ($sensor_name != "" ? $sensor_name : _("N/A")), !empty($myrow['otx']), 0, 0, $report_cell_data);
    }
    $dbo->close($_conn);
    $qro->PrintFooter();
    $qs->PrintBrowseButtons();
    $qs->PrintAlertActionButtons();
    $qs->SaveReportData($report_data, $events_report_type);
}
Exemplo n.º 15
0
            if ($no_ip) {
                $url_criteria = BuildDstIpFormVars(NULL_IP);
            } else {
                $url_criteria = BuildDstIPFormVars($currentIP);
            }
        }
    }
    $sens = Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db));
    qroPrintEntry($sens, "center", "middle");
    qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . Util::number_format_locale($num_events, 0) . '</A>', "center", "middle");
    qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria . '">' . Util::number_format_locale($num_sig, 0) . '</A>', "center", "middle");
    qroPrintEntry(Util::number_format_locale($num_ip, 0), "center", "middle");
    if (file_exists("../kml/GoogleEarth.php") && $currentIP != "0.0.0.0" && $currentIP != "::") {
        qroPrintEntry("<a href='' onclick='window.open(\"../kml/TourConfig.php?type={$addr_type_name}&ip={$currentIP}\",\"IP {$currentIP} " . ($addr_type == 2 ? _("sources") : _("destinations")) . " - Goggle Earth API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' title='" . _("Geolocation Tour") . "' src='../pixmaps/google_earth_icon.png' border='0'></a>&nbsp;&nbsp;<a href='' onclick='window.open(\"../kml/IPGoogleMap.php?type={$addr_type_name}&ip={$currentIP}\",\"IP {$currentIP} " . ($addr_type == 2 ? _("sources") : _("destinations")) . " - Goggle Maps API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img title='" . _("Geolocation Map") . "' align='absmiddle' src='../pixmaps/google_maps_icon.png' border='0'></a>");
    } else {
        qroPrintEntry('');
    }
    qroPrintEntryFooter();
    ++$i;
    // report_data
    $report_data[] = array($currentIP, '', $num_sig, $num_ip, "", "", "", "", "", "", $sens, intval($_GET['addr_type']), 0, $num_events, $country_img);
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $unique_addr_report_type);
$qs->SaveState();
ExportHTTPVar("addr_type", $addr_type);
echo "\n</FORM>\n";
Exemplo n.º 16
0
    /* Check for a NULL IP which indicates an event (e.g. portscan)
     * which has no IP
     */
    qroPrintEntry(BuildIDMLink($currentIP, $addr_type) . $currentIP . '</A>&nbsp;', 'center', '', 'nowrap');
    /* Print # of Occurances */
    $tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1';
    $tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&sort_order=occur_d';
    $url_criteria = BuildIDMVars($currentIP, $addr_type);
    $url_criteria_src = BuildIDMVars($currentIP, $addr_type, "src");
    $url_criteria_dst = BuildIDMVars($currentIP, $addr_type, "dst");
    qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)), 'center', 'middle');
    qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . Util::number_format_locale($num_events, 0) . '</A>', 'center', 'middle');
    qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_src . '">' . Util::number_format_locale($num_sig_src, 0) . '</A>', 'center', 'middle');
    qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_dst . '">' . Util::number_format_locale($num_sig_dst, 0) . '</A>', 'center', 'middle');
    qroPrintEntry(Util::number_format_locale($num_sip, 0), 'center', 'middle');
    qroPrintEntry(Util::number_format_locale($num_dip, 0), 'center', 'middle');
    qroPrintEntryFooter();
    ++$i;
}
$result->baseFreeRows();
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveState();
ExportHTTPVar("addr_type", $addr_type);
echo "\n</FORM><br>\n";
$et->Mark("Get Query Elements");
$et->PrintTiming();
PrintBASESubFooter();
$db->baseClose();
echo "</body>\r\n</html>";
Exemplo n.º 17
0
    }
    $sig_id = $last['id'];
    $timestamp = $last["timestamp"];
    if ($tz != 0) {
        $timestamp = gmdate("Y-m-d H:i:s", get_utc_unixtime($db, $timestamp) + 3600 * $tz);
    }
    $submit = "#" . ($qs->GetCurrentView() * $show_rows + $i) . "-" . $sig_id;
    $tmp_rowid = rawurlencode($sig_id);
    $urlp = "base_qry_main.php?new=1&submit=" . gettext("Query DB") . "&sourcetype=" . urlencode($myrow["product_type"]);
    //$urlp = "base_stat_ptypes.php?sort=occur_d&sourcetype=".urlencode($myrow["product_type"]);
    qroPrintEntryHeader($i);
    qroPrintEntry('&nbsp;&nbsp<a href="' . $urlp . '">' . $product_type . '</a>', 'left', "", "nowrap");
    qroPrintEntry('&nbsp;<a href="' . $urlp . '">' . $total_occurances . '</a>', "center", "", "");
    qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)), "center", "", "");
    qroPrintEntry("&nbsp<A HREF='{$urlp}'>" . $last_signature . "</a>", "left", "", "");
    qroPrintEntry($timestamp, "center", "", "nowrap");
    qroPrintEntryFooter();
    $i++;
    $prev_time = null;
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveState();
echo "\n</FORM>\n";
PrintBASESubFooter();
if ($debug_time_mode >= 1) {
    $et->Mark("Get Query Elements");
    $et->PrintTiming();
Exemplo n.º 18
0
        $url_criteria_src = BuildSrcIPFormVars(NULL_IP);
    } else {
        $url_criteria_src = BuildSrcIPFormVars($currentIP);
    }
    if ($no_ip) {
        $url_criteria_dst = BuildDstIpFormVars(NULL_IP);
    } else {
        $url_criteria_dst = BuildDstIPFormVars($currentIP);
    }
    qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)), "center", "middle");
    qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria_src . '">' . Util::number_format_locale($src_num_events, 0) . '</A>', "center", "middle");
    qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_src . '">' . Util::number_format_locale($num_sig_src, 0) . '</A>', "center", "middle");
    qroPrintEntry(Util::number_format_locale($num_sip, 0), "center", "middle");
    qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria_dst . '">' . Util::number_format_locale($dst_num_events, 0) . '</A>', "center", "middle");
    qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_dst . '">' . Util::number_format_locale($num_sig_dst, 0) . '</A>', "center", "middle");
    qroPrintEntry(Util::number_format_locale($num_dip, 0), "center", "middle");
    qroPrintEntryFooter();
    ++$i;
    /* report_data
       $report_data[] = array (
           $currentIP, $slnk,
           $num_sig, $num_ip,
           "", "", "", "", "", "", "",
           intval($_GET['addr_type']), $num_sensors , $num_events
       );*/
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
Exemplo n.º 19
0
        if ($fqdn == "yes") {
            qroPrintEntry('<FONT>' . $sip_fqdn . '</FONT>');
        }
        qroPrintEntry($div1 . $s_country_img . BuildAddressLink($ip_sip, 32) . $ip_sip . '</A>' . $bdiv1, "", "", "nowrap");
        qroPrintEntry('<img src="images/dash.png" border="0">');
        qroPrintEntry($div2 . $d_country_img . BuildAddressLink($ip_dip, 32) . $ip_dip . '</A>' . $bdiv2, "", "", "nowrap");
        if ($fqdn == "yes") {
            qroPrintEntry('<FONT>' . $dip_fqdn . '</FONT>');
        }
        qroPrintEntry('<FONT>' . IPProto2str($proto) . '</FONT>');
        $tmp = '<A HREF="base_stat_ports.php?port_type=2&amp;proto=' . $proto . $tmp_ip_criteria . '">';
        qroPrintEntry($tmp . $num_unique_dport . '</A>');
        $tmp = '<A HREF="base_stat_alerts.php?foo=1' . $tmp_ip_criteria . '">';
        qroPrintEntry($tmp . $num_unique . '</A>');
        $tmp = '<A HREF="base_qry_main.php?new=1' . '&amp;num_result_rows=-1' . '&amp;submit=' . gettext("Query DB") . '&amp;current_view=-1' . $tmp_ip_criteria . '">';
        qroPrintEntry($tmp . $num_occurances . '</A>');
        qroPrintEntryFooter();
    }
    $i++;
    // report_data
    $report_data[] = array($ip_sip, '', $ip_dip, '', IPProto2str($proto), "", "", "", "", "", "", $num_unique_dport, $num_unique, $num_occurances, $s_country_img != '' || $d_country_img != '' ? $s_country_img . "####" . $d_country_img : '');
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $unique_iplinks_report_type);
$qs->SaveState();
echo "<input type='hidden' name='fqdn' value='" . Util::htmlentities($fqdn) . "'>\n";
echo "\n</FORM>\n";
Exemplo n.º 20
0
        $country_img = "";
        $slnk = $homelan != "" ? $current_url . "/forensics/images/homelan.png" : "";
    }
    /* Print out */
    qroPrintEntryHeader($i);
    $tmp_rowid = $sensor_id;
    echo '    <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';
    echo '        <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '"></TD>';
    qroPrintEntry($sensor_id);
    qroPrintEntry((preg_match("/\\-.+/", $sname) ? $sname : $sname . "-snort") . $country_img . $homelan);
    qroPrintEntry('<A HREF="base_qry_main.php?new=1&amp;sensor=' . $sensor_id . '&amp;num_result_rows=-1&amp;submit=' . gettext("Query+DB") . '">' . $event_cnt . '</A>');
    qroPrintEntry(BuildUniqueAlertLink("?sensor=" . $sensor_id) . $unique_event_cnt . '</A>');
    qroPrintEntry(BuildUniqueAddressLink(1, "&amp;sensor=" . $sensor_id) . $num_src_ip . '</A>');
    qroPrintEntry(BuildUniqueAddressLink(2, "&amp;sensor=" . $sensor_id) . $num_dst_ip . '</A>');
    qroPrintEntry($start_time);
    qroPrintEntry($stop_time);
    qroPrintEntryFooter();
    $i++;
    // report_data
    $report_data[] = array(trim(preg_match("/\\-.+/", $sname) ? $sname : $sname . "-snort"), $slnk, $num_src_ip, $num_dst_ip, $start_time, $stop_time, "", "", "", "", "", $sensor_id, $event_cnt, $unique_event_cnt);
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $sensors_report_type);
$qs->SaveState();
echo "\n</FORM>\n";
PrintBASESubFooter();
$et->Mark("Get Query Elements");
Exemplo n.º 21
0
    }
    qroPrintEntry("{$antes} <a href='{$siglink}'>" . trim($despues) . "</a>", "left");
    //if ($db->baseGetDBversion() >= 103) qroPrintEntry(GetSigClassName(GetSigClassID($sig_id, $db) , $db));
    $perc = $avoid_counts != 1 ? '&nbsp;(' . round($total_occurances / $event_cnt * 100) . '%)' : '';
    //qroPrintEntry('<FONT>' . '<A HREF="base_qry_main.php?new=1amp;&amp;sig%5B0%5D=%3D&amp;sig%5B1%5D=' . (rawurlencode($sig_id)) . '&amp;sig_type=1' . '&amp;submit=' . gettext("Query+DB") . '&amp;num_result_rows=-1">' . $total_occurances . '</A>' .
    qroPrintEntry('<FONT>' . '<A HREF="' . $siglink . '">' . $total_occurances . '</A>' . $perc . '</FONT>', 'center', 'top', 'nowrap');
    qroPrintEntry('<A HREF="base_stat_sensor.php?sig%5B0%5D=%3D&amp;sig%5B1%5D=' . urlencode($sig_id) . '&amp;sig_type=1">' . $num_sensors . '</A>');
    if ($db->baseGetDBversion() >= 100) {
        $addr_link = '&amp;sig_type=1&amp;sig%5B0%5D=%3D&amp;sig%5B1%5D=' . urlencode($sig_id);
    } else {
        $addr_link = '&amp;sig%5B0%5D=LIKE&amp;sig%5B1%5D=' . urlencode($sigstr);
    }
    qroPrintEntry('<FONT>' . BuildUniqueAddressLink(1, $addr_link) . $num_src_ip . '</A></FONT>', 'center', 'top', 'nowrap');
    qroPrintEntry('<FONT>' . BuildUniqueAddressLink(2, $addr_link) . $num_dst_ip . '</A></FONT>', 'center', 'top', 'nowrap');
    qroPrintEntry('<FONT>' . $start_time . '</FONT>', 'center', 'top', 'nowrap');
    qroPrintEntry('<FONT>' . $stop_time . '</FONT>', 'center', 'top', 'style="padding:0 10px 0 10px" nowrap');
    qroPrintEntryFooter();
    $i++;
    $prev_time = null;
    // report_data
    $report_data[] = array(trim(html_entity_decode($despues)), html_entity_decode($total_occurances . $perc), $start_time, $stop_time, "", "", "", "", "", "", "", $num_sensors, $num_src_ip, $num_dst_ip);
}
$result->baseFreeRows();
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $unique_events_report_type);
$qs->SaveState();
echo "\n</FORM>\n";
PrintBASESubFooter();
if ($debug_time_mode >= 1) {
Exemplo n.º 22
0
    /* Print out */
    qroPrintEntryHeader($i);
    $tmp_rowid = rawurlencode($class_id);
    echo '  <TD>&nbsp;&nbsp;
                 <INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">
                 &nbsp;&nbsp;
             </TD>';
    echo '      <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';
    qroPrintEntry(GetSigClassName($class_id, $db));
    qroPrintEntry('<FONT>' . '<A HREF="base_qry_main.php?new=1&amp;sig_class=' . $class_id . '&amp;submit=' . gettext("Query+DB") . '&amp;num_result_rows=-1">' . $total_occurances . '</A> 
                   (' . round($total_occurances / $event_cnt * 100) . '%)' . '</FONT>');
    qroPrintEntry('<FONT><A HREF="base_stat_sensor.php?sig_class=' . $class_id . '">' . $sensor_num . '</A>');
    qroPrintEntry('<FONT><A HREF="base_stat_alerts.php?sig_class=' . $class_id . '">' . $sig_num . '</FONT>');
    qroPrintEntry('<FONT>' . BuildUniqueAddressLink(1, '&amp;sig_class=' . $class_id) . $sip_num . '</A></FONT>');
    qroPrintEntry('<FONT>' . BuildUniqueAddressLink(2, '&amp;sig_class=' . $class_id) . $dip_num . '</A></FONT>');
    qroPrintEntry('<FONT>' . $min_time . '</FONT>');
    qroPrintEntry('<FONT>' . $max_time . '</FONT>');
    qroPrintEntryFooter();
    $i++;
    $prev_time = null;
}
$result->baseFreeRows();
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveState();
echo "\n</FORM>\n";
PrintBASESubFooter();
$et->Mark("Get Query Elements");
$et->PrintTiming();
echo "</body>\r\n</html>";
Exemplo n.º 23
0
    } else {
        $country_img = "";
        $slnk = "";
    }
    /* Print out */
    qroPrintEntryHeader($i);
    $tmp_rowid = $device_id;
    echo '    <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">';
    echo '        <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '"></TD>';
    qroPrintEntry($sensor_ip, 'center', 'middle');
    qroPrintEntry($sname . $country_img . $homelan, 'center', 'middle');
    qroPrintEntry($device_ip, 'center', 'middle');
    qroPrintEntry('<A HREF="base_qry_main.php?new=1&amp;sensor=' . $device_id . '&amp;num_result_rows=-1&amp;submit=' . gettext("Query DB") . '">' . Util::number_format_locale($event_cnt, 0) . '</A>', 'center', 'middle');
    qroPrintEntry('<div id="ua' . $device_id . '" class="sens">' . $unique_event_cnt . '</div>', 'center', 'middle', 'nowrap');
    qroPrintEntry('<div id="sa' . $device_id . '">' . $num_src_ip . '</div>', 'center', 'middle', 'nowrap');
    qroPrintEntry('<div id="da' . $device_id . '">' . $num_dst_ip . '</div>', 'center', 'middle', 'nowrap');
    /*qroPrintEntry(BuildUniqueAlertLink("?sensor=" . $device_id) . $unique_event_cnt . '</A>');
      qroPrintEntry(BuildUniqueAddressLink(1, "&amp;sensor=" . $device_id) . $num_src_ip . '</A>');
      qroPrintEntry(BuildUniqueAddressLink(2, "&amp;sensor=" . $device_id) . $num_dst_ip . '</A>');*/
    qroPrintEntryFooter();
    $i++;
    // report_data
    $report_data[] = array($sname, $slnk, $num_src_ip, $num_dst_ip, "", "", $sensor_ip, $device_ip, "", "", "", 0, $event_cnt, $unique_event_cnt);
}
$result->baseFreeRows();
$dbo->close($_conn);
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveReportData($report_data, $sensors_report_type);
$qs->SaveState();
Exemplo n.º 24
0
    // GRAPH
    $graph = '<div id="plotarea' . $i . '" class="plot"></div>';
    $sqlgr = str_replace("SIGCLASSID", $class_id, $sqlgraph);
    $rgraph = $qs->ExecuteOutputQuery($sqlgr, $db);
    $yy = $y;
    while ($rowgr = $rgraph->baseFetchRow()) {
        $label = trim($rowgr[1] . " " . $rowgr[2]);
        if (isset($yy[$label]) && $yy[$label] == 0) {
            $yy[$label] = $rowgr[0];
        }
    }
    /*$x= array(1,2,3,4,5,6,7);
      $y= array(1,0,1,0,1,0,1);
      $xticks= array(1,2,3,4,5,6,7);
      $xlabels= array("","","","","","","");*/
    $plot = plot_graphic("plotarea" . $i, 45, 400, $x, $yy, $xticks, $xlabels, false, $ocurrlink);
    qroPrintEntry($graph . $plot, 'center', 'middle');
    qroPrintEntryFooter();
    $i++;
    $prev_time = null;
}
$result->baseFreeRows();
$qro->PrintFooter();
$qs->PrintBrowseButtons();
$qs->PrintAlertActionButtons();
$qs->SaveState();
echo "\n</FORM>\n";
PrintBASESubFooter();
$et->Mark("Get Query Elements");
$et->PrintTiming();
echo "</body>\r\n</html>";