Exemplo n.º 1
    echo 'error###' . ossim_get_error_clean();
    exit;
}
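$query_temp = array();
//
// Collect the distinct source and destination IPs of SIEM events
// (alienvault_siem.acid_event) that match the requested date range.
// Original note: select src_ip from alarm table and not defined into nets
//
$ips = array();
// Every taxonomy filter is left unset here, so get_all_sids() is called
// with NULL for each of them.
$plugin_id = NULL;
$plugin_groups = NULL;
$source_type = NULL;
$category = NULL;
$subcategory = NULL;
$limit = 20;
// Taxonomy filters
$plugin_list = Plugin_sid::get_all_sids($conn, $plugin_id, $source_type, $category, $subcategory, $plugin_groups);
// Data Source events or Source Type events
$selected = "";
// src_ips from acid_event
// NOTE(review): $where is a ready-made SQL fragment that is interpolated into
// the query below without bind parameters. The query is therefore only as safe
// as make_where() and the validation applied to $date_from / $date_to before
// this point -- confirm both, neither is visible in this part of the file.
$where = Security_report::make_where($conn, $date_from, $date_to, $plugin_list, $dDB);
// When the WHERE fragment refers to a "plist_<name>.id " column, that table has
// to be added to the FROM list. Only the captured alias (restricted to
// plist_[a-z]+) is appended; the greedy prefix keeps the last alias found.
// If the alias appears in some other form, nothing is appended instead of
// splicing the whole WHERE text into the FROM clause; the query is then
// expected to fail and be reported by the error check below.
$ejoin = '';
if (preg_match('/.*(plist_[a-z]+)\.id /s', $where, $ejoin_match)) {
    $ejoin = ',' . $ejoin_match[1];
}
$query = "SELECT DISTINCT ip_src AS ip FROM alienvault_siem.acid_event {$ejoin} WHERE 1=1 {$where}\n    UNION SELECT DISTINCT ip_dst as ip FROM alienvault_siem.acid_event {$ejoin} WHERE 1=1 {$where}";
$rs = $conn->Execute($query);
if (!$rs) {
    // NOTE(review): the raw driver error text is handed to throw_error(); check
    // that it is logged rather than shown to the user, since it can reveal
    // schema details.
    Av_exception::throw_error(Av_exception::DB_ERROR, $conn->ErrorMsg());
}
// IPs already handled by the loop that follows, keyed by printable address.
$already = array();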
while (!$rs->EOF) {
    $ip = inet_ntop($rs->fields['ip']);
    if (!isset($already[$ip])) {
        //Session::hostAllowed($conn,$ip) => not necessary here?