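/**
 * Prints the NfSen graph overview for one graph type: a heading naming the
 * current profile and group, then four linked images (day, week, month, year).
 *
 * Reads $_SESSION['profile'], $_SESSION['profilegroup'] and
 * $_SESSION['profileinfo']['graphs'], and writes HTML directly to the output.
 *
 * Every place where $type reaches the markup is encoded: htmlentities in the
 * heading, urlencode in the link query string and in the image file name.
 *
 * @param string $type Graph type shown in the heading and used to build the
 *                     link and the pic.php file name.
 *
 * @return void
 */
function DisplayGraphs($type)
{
    $self         = Menu::get_menu_url('/ossim/nfsen/nfsen.php?tab=2', 'environment', 'netflow', 'details');
    $profile      = $_SESSION['profile'];
    $profilegroup = $_SESSION['profilegroup'];

    if ($profilegroup == '.') {
        print "<h2>Profile: " . Util::htmlentities($profile) . ", Group: (nogroup) - " . Util::htmlentities($type) . "</h2>\n";
    } else {
        print "<h2>Profile: " . Util::htmlentities($profile) . ", Group: " . Util::htmlentities($profilegroup . " - " . $type) . "</h2>\n";
    }

    if ($_SESSION['profileinfo']['graphs'] != 'ok') {
        print "<h2>No data available!</h2>\n";
        return;
    }

    $profileswitch = "{$profilegroup}/{$profile}";

    // The link prefix and the encoded parameters are identical for all four
    // windows, so they are computed once.
    $link_base    = Util::htmlentities($self) . (strpos($self, '?') !== false ? "&" : "?") . "tab=2";
    $type_param   = urlencode($type);
    $switch_param = urlencode($profileswitch);

    print "<center>";
    foreach (array('day', 'week', 'month', 'year') as $win) {
        // The file name used to interpolate $type raw into a single-quoted
        // attribute; it is now URL-encoded like the other parameters, so a
        // quote or angle bracket in $type cannot break out of the attribute.
        print "<a href='" . $link_base . "&win={$win}&type=" . $type_param . "'> <IMG src='pic.php?profileswitch=" . $switch_param . "&file=" . $type_param . "-{$win}' width='669' height='281' border='0'></a>\n";
        print "<br>";
    }
    print "</center>";
}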
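<tr>
    <td class="nobborder"><img src="../pixmaps/loading3.gif"></td>
    <td class="nobborder"><?php echo _("Loading data..."); ?> </td>
</tr>
</table>
</div>
<?php
// Honeypot Events List
if ($type == "honeypot_events") {
    $text_column  = _("Event");
    $value_column = _("Count");
    $nodata_text .= _(" for <i>Honeypot</i>");

    // Link template for the event list; the QQQ placeholder is replaced per
    // row with "<plugin_id>;<sid>" further down.
    $f_url = Menu::get_menu_url("../forensics/base_qry_main.php?clear_allcriteria=1&time_range=week&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz - $range) . "&time[0][3]=" . gmdate("d", $timetz - $range) . "&time[0][4]=" . gmdate("Y", $timetz - $range) . "&time[0][5]=&time[0][6]=&time[0][7]=&time[0][8]=+&time[0][9]=+&submit=Query+DB&sig_type=1&sig%5B0%5D=%3D&sig%5B1%5D=QQQ&sort_order=time_d", 'analysis', 'security_events', 'security_events');

    // NOTE(review): $sensor_where is interpolated into the statement as SQL
    // text and is built outside this view - confirm it is assembled only from
    // validated values.
    $query = "select count(*) as val,p.name,p.plugin_id,p.sid FROM snort.acid_event a,ossim.plugin_sid p WHERE p.plugin_id=a.plugin_id AND p.sid=a.plugin_sid AND p.category_id=19 AND a.timestamp BETWEEN '" . gmdate("Y-m-d H:i:s", gmdate("U") - $range) . "' AND '" . gmdate("Y-m-d H:i:s") . "' {$sensor_where} group by p.name order by val desc limit 10";
}

// Plain assignment: taking a function's return value by reference (=&) is
// deprecated and raises a notice on current PHP versions.
if (!($rs = $conn->Execute($query))) {
    // The database error text can echo parts of the statement, so it is
    // HTML-escaped before it is sent to the browser.
    print htmlspecialchars($conn->ErrorMsg(), ENT_QUOTES, 'UTF-8');
    exit;
}

// One row per signature: label, event count and drill-down link.
// NOTE(review): "text" is stored as read from the database; the code that
// renders $data is outside this view and has to escape it for its context.
$data = array();
while (!$rs->EOF) {
    $data[] = array(
        "text"  => $rs->fields['name'],
        "value" => $rs->fields['val'],
        "link"  => str_replace("QQQ", $rs->fields["plugin_id"] . "%3B" . $rs->fields["sid"], $f_url)
    );
    $rs->MoveNext();
}

$db->close();
?>
<div id="content" style="display:none;height:100%">
<table width="100%" height="100%" cellpadding=3 cellspacing=0 style="border:0px">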
break; case 'siemdays': //Amount of days to show in the widget. $max = $chart_info['range'] == '' ? 7 : $chart_info['range']; //Type of graph. In this case is the simple raphael. $js = "analytics"; //Retrieving the data of the widget $values = SIEM_trends_week("", $max, $assets_filters); //Formating the info into a generinf format valid for the handler. for ($i = $max - 1; $i >= 0; $i--) { $tref = $timetz - 86400 * $i; $d = gmdate("j M", $tref); $label[] = $d; $key = $d; $data[] = $values[$d] != "" ? $values[$d] : 0; $link = Menu::get_menu_url("/ossim/forensics/base_qry_main.php?clear_allcriteria=1&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $tref) . "&time[0][3]=" . gmdate("d", $tref) . "&time[0][4]=" . gmdate("Y", $tref) . "&time[0][5]=00&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $tref) . "&time[1][3]=" . gmdate("d", $tref) . "&time[1][4]=" . gmdate("Y", $tref) . "&time[1][5]=23&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics", 'analysis', 'security_events'); $links[$key] = $link; } //Widget's links $siem_url = $links; $colors = "'#444444'"; //Message in case of empty widget. $nodata_text = "No data available yet"; break; //In case of error a message will be shown. //In case of error a message will be shown. default: $nodata_text = _("Unknown Type"); } $db->close(); //Now the handler is called to draw the proper widget, this is: any kind of chart, tag_cloud, etc...
$(document).ready(function(){ GB_TYPE = 'w'; $("a.greybox").click(function(){ var t = this.title || $(this).text() || this.href; GB_show(t,this.href, 400, 600); return false; }); if (!parent.is_lightbox_loaded(window.name)) { $('.c_back_button').show(); } <?php $p_url = Menu::get_menu_url('/ossim/conf/plugin.php', 'configuration', 'threat_intelligence', 'data_source'); ?> $(".c_back_button").click(function(){ document.location.href='<?php echo $p_url; ?> '; }); }); </script> <style type='text/css'> #t_ref{ margin: 50px auto; max-width: 1200px; white-space: nowrap;
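/**
 * Builds the catalogue of predefined reports and returns either the whole
 * catalogue or a single entry.
 *
 * Each entry describes one report: display name, type ('pdf' or 'external'),
 * the sub-report files or the external link, the form parameters, whether it
 * can be sent by e-mail, and an 'access' flag computed from
 * Session::menu_perms() for the current session.
 *
 * The function does not filter on 'access': entries the current user may not
 * open are still returned, with 'access' set to a false value. Callers have to
 * check the flag before rendering or running a report.
 *
 * @param string|null $id Report identifier, or NULL (or any value loosely
 *                        equal to NULL) for the full list.
 *
 * @return array The full catalogue sorted by key when no id is given;
 *               otherwise the matching entry, or an empty array when the id
 *               is unknown.
 */
function get_report_data($id = NULL)
{
    $conf = $GLOBALS['CONF'];
    $conf = !$conf ? new Ossim_conf() : $conf;

    // Default date range: the last 30 days up to today. The start date is
    // taken from a single timestamp (it used to be three separate strftime()
    // calls, a function deprecated since PHP 8.1), so year, month and day
    // always belong to the same instant.
    $default_range = array(
        'date_from' => date('Y-m-d', time() - 24 * 60 * 60 * 30),
        'date_to'   => date('Y-m-d')
    );

    // The title page is shared by every PDF report.
    $title_page = array(
        'id'          => 'title_page',
        'name'        => _('Title Page'),
        'report_file' => 'os_reports/Common/titlepage.php'
    );

    $reports = array();

    $reports['asset_report'] = array(
        'report_name' => _('Asset Details'),
        'report_id'   => 'asset_report',
        'type'        => 'external',
        'link_id'     => 'link_ar_asset',
        'link'        => '',
        'parameters'  => array(
            array(
                'name'          => _('Host Name/IP/Network'),
                'id'            => 'ar_asset',
                'type'          => 'asset',
                'default_value' => ''
            )
        ),
        'access'        => Session::menu_perms('environment-menu', 'PolicyHosts') || Session::menu_perms('environment-menu', 'PolicyNetworks'),
        'send_by_email' => 0
    );

    $status_values = array(
        'All'      => array('text' => _('All')),
        'Open'     => array('text' => _('Open')),
        'Assigned' => array('text' => _('Assigned')),
        'Studying' => array('text' => _('Studying')),
        'Waiting'  => array('text' => _('Waiting')),
        'Testing'  => array('text' => _('Testing')),
        'Closed'   => array('text' => _('Closed'))
    );

    $types_values = array(
        'ALL'                               => array('text' => _('ALL')),
        'Expansion Virus'                   => array('text' => _('Expansion Virus')),
        'Corporative Nets Attack'           => array('text' => _('Corporative Nets Attack')),
        'Policy Violation'                  => array('text' => _('Policy Violation')),
        'Security Weakness'                 => array('text' => _('Security Weakness')),
        'Net Performance'                   => array('text' => _('Net Performance')),
        'Applications and Systems Failures' => array('text' => _('Applications and Systems Failures')),
        'Anomalies'                         => array('text' => _('Anomalies')),
        'Vulnerability'                     => array('text' => _('Vulnerability'))
    );

    $priority_values = array(
        'High'   => _('High'),
        'Medium' => _('Medium'),
        'Low'    => _('Low')
    );

    $reports['tickets_report'] = array(
        'report_name' => _('Tickets Report'),
        'report_id'   => 'tickets_report',
        'type'        => 'pdf',
        'subreports'  => array(
            'title_page'    => $title_page,
            'alarm'         => array('id' => 'alarm', 'name' => _('Alarm'), 'report_file' => 'os_reports/Tickets/Alarm.php'),
            'event'         => array('id' => 'event', 'name' => _('Event'), 'report_file' => 'os_reports/Tickets/Event.php'),
            'anomaly'       => array('id' => 'anomaly', 'name' => _('Anomaly'), 'report_file' => 'os_reports/Tickets/Anomaly.php'),
            'vulnerability' => array('id' => 'vulnerability', 'name' => _('Vulnerability'), 'report_file' => 'os_reports/Tickets/Vulnerability.php')
        ),
        'parameters' => array(
            array('name' => _('Date Range'), 'date_from_id' => 'tr_date_from', 'date_to_id' => 'tr_date_to', 'type' => 'date_range', 'default_value' => $default_range),
            array('name' => _('Status'), 'id' => 'tr_status', 'type' => 'select', 'values' => $status_values),
            array('name' => _('Type'), 'id' => 'tr_type', 'type' => 'select', 'values' => $types_values),
            array('name' => _('Priority'), 'id' => 'tr_priority', 'type' => 'checkbox', 'values' => $priority_values)
        ),
        'access'        => Session::menu_perms('analysis-menu', 'IncidentsIncidents'),
        'send_by_email' => 1
    );

    $reports['alarm_report'] = array(
        'report_name' => _('Alarms Report'),
        'report_id'   => 'alarm_report',
        'type'        => 'pdf',
        'subreports'  => array(
            'title_page'        => $title_page,
            'top_attacker_host' => array('id' => 'top_attacker_host', 'name' => _('Top 10 Attacker Host'), 'report_file' => 'os_reports/Alarms/AttackerHosts.php'),
            'top_attacked_host' => array('id' => 'top_attacked_host', 'name' => _('Top 10 Attacked Host'), 'report_file' => 'os_reports/Alarms/AttackedHosts.php'),
            'used_port'         => array('id' => 'used_port', 'name' => _('Top 10 Used Ports'), 'report_file' => 'os_reports/Alarms/UsedPorts.php'),
            'top_events'        => array('id' => 'top_events', 'name' => _('Top 15 Alarms'), 'report_file' => 'os_reports/Alarms/TopAlarms.php'),
            'events_by_risk'    => array('id' => 'events_by_risk', 'name' => _('Top 15 Alarms by Risk'), 'report_file' => 'os_reports/Alarms/TopAlarmsByRisk.php')
        ),
        'parameters' => array(
            array('name' => _('Date Range'), 'date_from_id' => 'ar_date_from', 'date_to_id' => 'ar_date_to', 'type' => 'date_range', 'default_value' => $default_range)
        ),
        'access'        => Session::menu_perms('analysis-menu', 'ControlPanelAlarms'),
        'send_by_email' => 1
    );

    $reports['bc_pci_report'] = array(
        'report_name' => _('Business & Compliance ISO PCI Report'),
        'report_id'   => 'bc_pci_report',
        'type'        => 'pdf',
        'subreports'  => array(
            'title_page'        => $title_page,
            'threat_overview'   => array('id' => 'threat_overview', 'name' => _('Threat overview'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/ThreatOverview.php'),
            'bri_risks'         => array('id' => 'bri_risks', 'name' => _('Business real impact risks'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/BusinessPotentialImpactsRisks.php'),
            'ciap_impact'       => array('id' => 'ciap_impact', 'name' => _('C.I.A Potential impact'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/CIAPotentialImpactsRisks.php'),
            'pci_dss'           => array('id' => 'pci_dss', 'name' => _('PCI-DSS 2.0'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/PCI-DSS.php'),
            'pci_dss3'          => array('id' => 'pci_dss3', 'name' => _('PCI-DSS 3.0'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/PCI-DSS3.php'),
            'trends'            => array('id' => 'trends', 'name' => _('Trends'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/Trends.php'),
            'iso27002_p_impact' => array('id' => 'iso27002_p_impact', 'name' => _('ISO27002 Potential impact'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/ISO27002PotentialImpact.php'),
            'iso27001'          => array('id' => 'iso27001', 'name' => _('ISO27001'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/ISO27001.php')
        ),
        'parameters' => array(
            array('name' => _('Date Range'), 'date_from_id' => 'bc_pci_date_from', 'date_to_id' => 'bc_pci_date_to', 'type' => 'date_range', 'default_value' => $default_range)
        ),
        'access'        => Session::menu_perms('report-menu', 'ReportsReportServer'),
        'send_by_email' => 1
    );

    $reports['siem_report'] = array(
        'report_name' => _('SIEM Events'),
        'report_id'   => 'siem_report',
        'type'        => 'pdf',
        'subreports'  => array(
            'title_page'        => $title_page,
            'top_attacker_host' => array('id' => 'top_attacker_host', 'name' => _('Top 10 Attacker Host'), 'report_file' => 'os_reports/Siem/AttackerHosts.php'),
            'top_attacked_host' => array('id' => 'top_attacked_host', 'name' => _('Top 10 Attacked Host'), 'report_file' => 'os_reports/Siem/AttackedHosts.php'),
            'used_port'         => array('id' => 'used_port', 'name' => _('Top 10 Used Ports'), 'report_file' => 'os_reports/Siem/UsedPorts.php'),
            'top_events'        => array('id' => 'top_events', 'name' => _('Top 15 Events'), 'report_file' => 'os_reports/Siem/TopEvents.php'),
            'events_by_risk'    => array('id' => 'events_by_risk', 'name' => _('Top 15 Events by Risk'), 'report_file' => 'os_reports/Siem/TopEventsByRisk.php')
        ),
        'parameters' => array(
            array('name' => _('Date Range'), 'date_from_id' => 'sr_date_from', 'date_to_id' => 'sr_date_to', 'type' => 'date_range', 'default_value' => $default_range)
        ),
        'access'        => Session::menu_perms('analysis-menu', 'EventsForensics'),
        'send_by_email' => 1
    );

    $reports['vulnerabilities_report'] = array(
        'report_name'   => _('Vulnerabilities Report'),
        'report_id'     => 'vulnerabilities_report',
        'type'          => 'external',
        'target'        => '_blank',
        'link_id'       => 'link_vr',
        'link'          => Menu::get_menu_url('../vulnmeter/lr_respdf.php?ipl=all&scantype=M', 'environment', 'vulnerabilities', 'overview'),
        'access'        => Session::menu_perms('analysis-menu', 'EventsVulnerabilities'),
        'send_by_email' => 0
    );

    $reports['th_vuln_db'] = array(
        'report_name'   => _('Threats & Vulnerabilities Database'),
        'report_id'     => 'th_vuln_db',
        'type'          => 'external',
        'link_id'       => 'link_tvd',
        'link'          => Menu::get_menu_url('../vulnmeter/threats-db.php', 'environment', 'vulnerabilities', 'threat_database'),
        'access'        => Session::menu_perms('analysis-menu', 'EventsVulnerabilities'),
        'send_by_email' => 0
    );

    $reports['ticket_status'] = array(
        'report_name'   => _('Tickets Status'),
        'report_id'     => 'ticket_status',
        'type'          => 'external',
        'link_id'       => 'link_tr',
        'link'          => Menu::get_menu_url('../report/incidentreport.php', 'analysis', 'tickets', 'tickets'),
        'access'        => Session::menu_perms('analysis-menu', 'IncidentsIncidents'),
        'send_by_email' => 0
    );

    $db   = new ossim_db();
    $conn = $db->connect();

    $user         = Session::get_session_user();
    $session_list = Session::get_list($conn, 'ORDER BY login');

    // Both variables are read further down on every path, so they get a
    // defined value even when the pro/demo branch is not taken.
    $is_pro_admin = 0;
    $myusers      = array();

    if (preg_match('/pro|demo/', $conf->get_conf('ossim_server_version')) && !Session::am_i_admin()) {
        $myusers = Acl::get_my_users($conn, Session::get_session_user());

        if (count($myusers) > 0) {
            $is_pro_admin = 1;
        }
    }

    // User Log lists: which logins the "User" selector of the activity report
    // offers. Admins see every login, a pro admin sees the users returned by
    // Acl::get_my_users() plus their own login, everybody else only their own.
    $user_values = array();

    if (Session::am_i_admin()) {
        $user_values[''] = array('text' => _('All'));

        if ($session_list) {
            foreach ($session_list as $session) {
                $login = $session->get_login();

                $user_values[$login] = $login == $user ? array('text' => $login, 'selected' => TRUE) : array('text' => $login);
            }
        }
    } elseif ($is_pro_admin) {
        foreach ($myusers as $myuser) {
            $user_values[$myuser['login']] = array('text' => $myuser['login']);
            // Kept inside the loop so the position of the current user in the
            // option list stays as it was.
            $user_values[$user] = array('text' => $user, 'selected' => TRUE);
        }
    } else {
        $user_values[$user] = array('text' => $user);
    }

    $code_list = Log_config::get_list($conn, 'ORDER BY descr');

    $action_values     = array();
    $action_values[''] = array('text' => _('All'));

    if ($code_list) {
        foreach ($code_list as $code_log) {
            $code_aux = $code_log->get_code();

            // %...% placeholders in the description are replaced by a space
            // before the text is translated.
            $action_values[$code_aux] = array('text' => '[' . sprintf("%02d", $code_aux) . '] ' . _(preg_replace('|%.*?%|', " ", $code_log->get_descr())));
        }
    }

    $reports['user_activity'] = array(
        'report_name' => _('User Activity Report'),
        'report_id'   => 'user_activity',
        'type'        => 'external',
        'link_id'     => 'link_ua',
        'link'        => Menu::get_menu_url('../userlog/user_action_log.php', 'settings', 'settings', 'user_activity'),
        'parameters'  => array(
            array('name' => _('User'), 'id' => 'ua_user', 'type' => 'select', 'values' => $user_values),
            array('name' => _('Action'), 'id' => 'ua_action', 'type' => 'select', 'values' => $action_values)
        ),
        'access'        => Session::menu_perms('settings-menu', 'ToolsUserLog'),
        'send_by_email' => 0
    );

    $reports['geographic_report'] = array(
        'report_name' => _('Geographic Report'),
        'report_id'   => 'geographic_report',
        'type'        => 'pdf',
        'subreports'  => array(
            'title_page'        => $title_page,
            'geographic_report' => array('id' => 'geographic_report', 'name' => _('Geographic Report'), 'report_file' => 'os_reports/Various/Geographic.php')
        ),
        'parameters' => array(
            array('name' => _('Date Range'), 'date_from_id' => 'gr_date_from', 'date_to_id' => 'gr_date_to', 'type' => 'date_range', 'default_value' => $default_range)
        ),
        'access'        => Session::menu_perms('analysis-menu', 'EventsForensics'),
        'send_by_email' => 1
    );

    // Sensor list: placeholder entry first, replaced below when sensors exist.
    $sensor_values     = array();
    $sensor_values[''] = array('text' => ' -- ' . _('Sensors no found') . ' -- ');

    // NOTE(review): the result of get_basic_list() is overwritten by the
    // get_list() call right after it; the call is kept in case it has side
    // effects - confirm and drop it if it has none.
    $filters     = array('order_by' => 'name');
    $sensor_list = Av_sensor::get_basic_list($conn, $filters);

    $filters = array('order_by' => 'priority desc');
    list($sensor_list, $sensor_total) = Av_sensor::get_list($conn, $filters);

    if ($sensor_total > 0) {
        $sensor_values = array();

        // Only sensors flagged with has_nagios are offered.
        foreach ($sensor_list as $s) {
            $properties = $s['properties'];

            if ($properties['has_nagios']) {
                $sensor_values[$s['ip']] = array('text' => $s['name']);
            }
        }
    }

    /* Nagios link */
    // Each section value is "<:port><path><cgi>", URL-encoded; the scheme is
    // passed separately in the hidden avr_nagios_link field. The port comes
    // from $_SERVER and the path from the nagios_link configuration value.
    $nagios_link = $conf->get_conf('nagios_link');

    $scheme = empty($_SERVER['HTTPS']) ? 'http://' : 'https://';
    $path   = !empty($nagios_link) ? $nagios_link : '/nagios3/';
    $port   = !empty($_SERVER['SERVER_PORT']) ? ':' . $_SERVER['SERVER_PORT'] : "";
    $nagios = $port . $path;

    $section_values = array(
        urlencode($nagios . 'cgi-bin/trends.cgi')           => array('text' => _('Trends')),
        urlencode($nagios . 'cgi-bin/avail.cgi')            => array('text' => _('Availability')),
        urlencode($nagios . 'cgi-bin/histogram.cgi')        => array('text' => _('Event Histogram')),
        urlencode($nagios . 'cgi-bin/history.cgi?host=all') => array('text' => _('Event History')),
        urlencode($nagios . 'cgi-bin/summary.cgi')          => array('text' => _('Event Summary')),
        urlencode($nagios . 'cgi-bin/notifications.cgi')    => array('text' => _('Notifications')),
        urlencode($nagios . 'cgi-bin/showlog.cgi')          => array('text' => _('Performance Info'))
    );

    $reports['availability_report'] = array(
        'report_name' => _('Availability Report'),
        'report_id'   => 'availability_report',
        'type'        => 'external',
        'link_id'     => 'link_avr',
        'click'       => "nagios_link('avr_nagios_link', 'avr_sensor', 'avr_section');",
        'parameters'  => array(
            array('name' => _('Sensor'), 'id' => 'avr_sensor', 'type' => 'select', 'values' => $sensor_values),
            array('name' => 'Nagioslink', 'id' => 'avr_nagios_link', 'type' => 'hidden', 'default_value' => urlencode($scheme)),
            array('name' => _('Section'), 'id' => 'avr_section', 'type' => 'select', 'values' => $section_values)
        ),
        'access'        => Session::menu_perms('environment-menu', 'MonitorsAvailability'),
        'send_by_email' => 0
    );

    $db->close();

    if ($id == NULL) {
        ksort($reports);

        return $reports;
    }

    return !empty($reports[$id]) ? $reports[$id] : array();
}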
echo _('Enable'); ?> </a></td> <?php } ?> <td> <table class="noborder"> <tr> <td class="small nobborder" nowrap='nowrap'><i><?php echo $event["timestamp"]; ?> </i> </td> <td class="small nobborder"> <?php $f_url = Menu::get_menu_url($acid_main_link . "&plugin=" . urlencode($sensor_plugin["plugin_id"]), 'analysis', 'security_events', 'security_events'); ?> <a href="<?php echo $f_url; ?> "><strong><?php echo $event["sig_name"]; ?> </strong></a> </td> </tr> </table> </td> </tr>
<img src='../pixmaps/risk_home.png' alt='<?php echo _('Home'); ?> ' title='<?php echo _("Go to default map"); ?> '/> </a> </div> <div class='rb_right btn_info'> <?php if (!empty($_SESSION['path_riskmaps'][$map]) && $_SESSION['path_riskmaps'][$map] != $map && preg_match('/view\\.php/', $_SERVER['HTTP_REFERER'])) { ?> <a href='<?php echo Menu::get_menu_url('view.php?back_map=' . $_SESSION['path_riskmaps'][$map], 'dashboard', 'riskmaps', 'overview'); ?> '> <img src='../pixmaps/risk_back.png' alt='<?php echo _('Previous'); ?> ' title='<?php echo _('Previous map'); ?> '/> </a> <?php } else { ?> <img src='../pixmaps/risk_back.png' class='bt_opacity' alt='<?php echo _('Previous');
$url .= $msg != NULL ? '&' : '?'; $url .= "action=expire_session&user_id={$exp_user}&token=" . Token::generate('tk_f_users'); } } ?> <script type='text/javascript'>document.location.href="<?php echo $url; ?> "</script> <?php } } else { $db->close(); if ($greybox) { $config_nt = array('content' => _('Invalid action - Operation cannot be completed'), 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align: left;'); $nt = new Notification('nt_1', $config_nt); $nt->show(); } else { $url = Menu::get_menu_url('users.php?msg=unknown_error', 'configuration', 'administration', 'users'); ?> <script type='text/javascript'>document.location.href="<?php echo $url; ?> ";</script> <?php } } ?> </body> </html>
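foreach ($groups_engine as $group) {
    // Collects one flexReload() call per engine table for the refresh script.
    $refresh .= "\$('#flextable_eng_{$j}').flexReload();\n";
    ?>
    <tr>
        <td valign="top" class='flex_eng'>
            <table id="flextable_eng_<?php echo $j; ?> " style="display:none"></table>
            <br>
        </td>
    </tr>
    <?php
    $j++;
}

$url = Menu::get_menu_url('/ossim/conf/index.php', 'configuration', 'administration', 'main');
// The query separator had been mangled into a section sign ("&sect" read as an
// HTML entity); restored to "&section" so the link opens the metrics section.
$url .= "&section=metrics#end";
?>
</table>
<div style='width:98%;padding-bottom:20px;margin:0 auto;'>
    <div style='float:left;'>
        <a href="<?php echo $url; ?> " style="color:gray"> <?php echo _("Security Events process priority threshold"); ?> : <b><?php echo $server_logger_if_priority;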
?> </b> </td> <td class="small nobborder center"> <?php echo $event['event_date']; ?> (<?php echo $ago; ?> ) </td> <td class="small nobborder"> <a href="<?php echo Menu::get_menu_url($acid_main_link . "&plugin=" . urlencode($plugin_id), 'analysis', 'security_events', 'security_events'); ?> "><b><?php echo $event['sig_name'] != '' ? $event['sig_name'] : '-'; ?> </b></a> </td> </tr> <?php } ?> </table> <?php $db->close();
$h_opt = $_SESSION['ri']['h_opt']; unset($_SESSION['ri']); $av_menu->set_menu_option($m_opt, $sm_opt); $av_menu->set_hmenu_option($h_opt); $_SESSION['av_menu'] = serialize($av_menu); ?> var url = "<?php echo $url; ?> "; <?php } else { $url = $av_menu->get_current_url(); ?> var url = "<?php echo Menu::get_menu_url($url, $av_menu->get_m_option(), $av_menu->get_sm_option(), $av_menu->get_h_option()); ?> "; <?php } ?> var b_url = av_menu.get_bookmark_url(); if(b_url != '') { url = b_url; } else {
echo $v_profile_id; ?> ' <?php echo $profile_data['selected']; ?> ><?php echo $profile_data['name&description']; ?> </option> <?php } ?> </select> <a href="<?php echo Menu::get_menu_url('settings.php', 'environment', 'vulnerabilities', 'scan_jobs'); ?> ">[ <?php echo _("EDIT PROFILES"); ?> ]</a> </td> </tr> <tr> <td class='job_option' style='vertical-align: top;'><div><?php echo _('Schedule Method:'); ?> </div></td> <td style='text-align:left'> <select name='schedule_type' id='scheduleM'>
<label for='service'><?php echo _('Service') . required(); ?> </label> </th> <td class="left"> <input type="text" class='vfield' name="service" id='service' value="<?php echo $service; ?> "/> </td> </tr> <?php if (Session::show_entities()) { $e_url = Menu::get_menu_url('../acl/entities.php', 'environment', 'assets', 'structure'); ?> <tr> <th> <label for='ctx'><?php echo _('Context') . required(); ?> </label><br/> <span><a href="<?php echo $e_url; ?> "><?php echo _("Insert new"); ?> ?</a></span> </th>
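$geoloc->close();
break;

// Honeypot VoIP - Last Week
case "honeypot_voip":
    $nodata_text .= _(" for <i>Honeypot</i>");

    // NOTE(review): $sensor_where is interpolated into the statement as SQL
    // text and is built outside this view - confirm it is assembled only from
    // validated values.
    $sqlgraph = "select count(*) as num_events,x.userdata1 as name FROM alienvault_siem.acid_event a, alienvault_siem.extra_data x, alienvault.plugin_sid p WHERE p.plugin_id=a.plugin_id AND p.sid=a.plugin_sid AND p.category_id=19 AND a.id=x.event_id AND a.timestamp BETWEEN '" . gmdate("Y-m-d H:i:s", gmdate("U") - $range) . "' AND '" . gmdate("Y-m-d H:i:s") . "' {$sensor_where} group by x.userdata1 order by num_events desc limit 10";

    if (!($rg = $conn->Execute($sqlgraph))) {
        // The database error text can echo parts of the statement, so it is
        // HTML-escaped before it is sent to the browser.
        print htmlspecialchars($conn->ErrorMsg(), ENT_QUOTES, 'UTF-8');
    } else {
        // $data and $urls are lists of single-quoted JavaScript string
        // literals. userdata1 is event data stored in the database, so it is
        // encoded for each context it passes through: the URL parameter, the
        // HTML of the label, and the enclosing JavaScript string.
        $js_string_escapes = array('\\' => '\\\\', "'" => "\\'", "\r" => '\\r', "\n" => '\\n');

        while (!$rg->EOF) {
            $name = $rg->fields['name'];
            if ($name == '') {
                $name = _("Unknown plugin");
            }

            $url = Menu::get_menu_url($f_url . "&category%5B0%5D=19&userdata%5B0%5D=userdata1&userdata%5B1%5D=%3D&userdata%5B2%5D=" . urlencode($name), 'analysis', 'security_events', 'security_events');

            // htmlspecialchars() with ENT_QUOTES also turns quotes into
            // entities; the strtr() pass covers what can still end a
            // JavaScript string early (backslash, line breaks).
            $href_js  = strtr(htmlspecialchars($url, ENT_QUOTES, 'UTF-8'), $js_string_escapes);
            $label_js = strtr(htmlspecialchars(str_replace('_', ' ', $name), ENT_QUOTES, 'UTF-8'), $js_string_escapes);

            $data .= "['<a class=\"no_text_decoration\" href=\"{$href_js}\">" . $label_js . "</a>'," . (int) $rg->fields['num_events'] . "],";
            $urls .= "'" . strtr($url, $js_string_escapes) . "',";

            $rg->MoveNext();
        }
    }

    $colors = '"#FFFBCF","#EEE8AA","#F0E68C","#FFD700","#FF8C00","#DAA520","#D2691E","#B8860B","#7F631F"';
    break;

default:
    // Expected shape: ['Sony',7], ['Samsumg',13.3], ['LG',14.7], ['Vizio',5.2], ['Insignia', 1.2]
    $data = "['" . _('Unknown Type') . "', 100]";
}

// Drop the trailing comma left by the row loops above.
$data = preg_replace("/,\$/", '', $data);
$urls = preg_replace("/,\$/", '', $urls);

$db->close();
?>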
} // // pcap // if (!empty($binary)) { include "base_payload_pcap.php"; } } ExportHTTPVar("caller", $caller); echo "</FORM>\n\n"; if (array_key_exists("minimal_view", $_GET)) { echo "</FORM>\n\n"; ?> </div><br/><div class="center"> <button class="button" id="view_more" data-url="<?php echo Menu::get_menu_url(AV_MAIN_PATH . "/forensics/base_qry_alert.php?noheader=true&pag={$pag}&submit=" . rawurlencode($submit), 'analysis', 'security_events', 'security_events'); ?> "><?php echo _('View More'); ?> </button> </div><br/> <?php } ?> <link rel="stylesheet" type="text/css" href="/ossim/style/tipTip.css"/> <link rel="stylesheet" type="text/css" href="/ossim/style/jquery.dataTables.css"/> <script type="text/javascript" src="/ossim/js/jquery.tipTip-ajax.js"></script> <script type="text/javascript" src="/ossim/js/jquery.dataTables.js"></script>
$src_img = $src_output['html_icon']; // Dst if ($no_resolv || !$dst_host) { $s_dst_name = $s_dst_ip; $ctx_dst = $ctx; } elseif ($dst_host) { $s_dst_name = $dst_host->get_name(); $ctx_dst = $dst_host->get_ctx(); } // Dst icon and bold $dst_output = Asset_host::get_extended_name($conn, $geoloc, $s_dst_ip, $ctx_dst, $event_info["dst_host"], $event_info["dst_net"]); $homelan_dst = $dst_output['is_internal']; $dst_img = $dst_output['html_icon']; // Clean icon hover tiptip $s_src_link = Menu::get_menu_url("../forensics/base_stat_ipaddr.php?clear_allcriteria=1&ip={$s_src_ip}", 'analysis', 'security_events', 'security_events'); $s_dst_link = Menu::get_menu_url("../forensics/base_stat_ipaddr.php?clear_allcriteria=1&ip={$s_dst_ip}", 'analysis', 'security_events', 'security_events'); $s_src_port = $s_src_port != 0 ? ":" . Port::port2service($conn, $s_src_port) : ""; $s_dst_port = $s_dst_port != 0 ? ":" . Port::port2service($conn, $s_dst_port) : ""; // Reputation info $rep_src_icon = Reputation::getrepimg($event_info["rep_prio_src"], $event_info["rep_rel_src"], $event_info["rep_act_src"], $s_src_ip); //$rep_src_bgcolor = Reputation::getrepbgcolor($event_info["rep_prio_src"]); $rep_dst_icon = Reputation::getrepimg($event_info["rep_prio_dst"], $event_info["rep_rel_dst"], $event_info["rep_act_dst"], $s_dst_ip); //$rep_dst_bgcolor = Reputation::getrepbgcolor($event_info["rep_prio_dst"]); $c_src_homelan = $homelan_src ? 'bold alarm_netlookup' : ''; $source_link = $src_img . " <a href='{$s_src_link}' class='{$c_src_homelan}' data-title='{$s_src_ip}-{$ctx_src}' title='{$s_src_ip}'>" . $s_src_name . $s_src_port . "</a> {$rep_src_icon}"; $source_balloon = "<div id='" . $s_src_ip . ";" . $s_src_name . ";" . $event_info["src_host"] . "' ctx='{$ctx}' id2='" . $s_src_ip . ";" . $s_dst_ip . "' class='HostReportMenu'>"; $source_balloon .= $source_link; $source_balloon .= "</div>"; $c_dst_homelan = $homelan_dst ? 'bold alarm_netlookup' : ''; $dest_link = $dst_img . 
" <a href='{$s_dst_link}' class='{$c_dst_homelan}' data-title='{$s_dst_ip}-{$ctx_dst}' title='{$s_dst_ip}'>" . $s_dst_name . $s_dst_port . "</a> {$rep_dst_icon}"; $dest_balloon = "<div id='" . $s_dst_ip . ";" . $s_dst_name . ";" . $event_info["dst_host"] . "' ctx='{$ctx}' id2='" . $s_dst_ip . ";" . $s_src_ip . "' class='HostReportMenu'>";
} else { $data = "['" . _("No tickets") . "',0]"; $colors = '"#E9967A"'; } break; case 'ticketTags': $type_graph = 'pie'; $legend = empty($_GET['legend']) ? "w" : GET('legend'); $ticket_by_tags = Incident::incidents_by_tag($conn, null, $user); $i = 0; if (is_array($ticket_by_tags) && !empty($ticket_by_tags)) { if ($i < 10) { foreach ($ticket_by_tags as $type => $ocurrences) { $type_short = strlen($type) > 28 ? substr($type, 0, 25) . " [...]" : $type; $data[] = "['" . $type_short . "'," . $ocurrences . "]"; $links[] = Menu::get_menu_url("../incidents/index.php?tag=" . Incident::get_id_by_tag($conn, $type) . "&status=not_closed", 'analysis', 'tickets', 'tickets'); } } else { break; } $data = implode(",", $data); $links = "'" . implode("','", $links) . "'"; } else { $data = "['" . _("No tickets") . "',0]"; $colors = '"#E9967A"'; } break; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en">
<?php if (count($info_error) > 0 || $content != '') { $config_nt = array('content' => count($info_error) > 0 ? implode("<br/>", $info_error) : $content, 'options' => array('type' => $type != '' ? $type : 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align: left;'); $nt = new Notification('nt_1', $config_nt); $nt->show(); } ?> <script type="text/javascript"> //<![CDATA[ <?php $url = "index.php?src=" . urlencode($src) . "&dst=" . urlencode($dst) . "&timeout=" . urlencode($timeout) . "&cap_size=" . urlencode($cap_size) . "&raw_filter=" . urlencode($raw_filter) . "&sensor_ip=" . urlencode($sensor_ip) . "&sensor_interface=" . urlencode($sensor_interface); if (count($info_error) > 0) { $url .= "&soptions=1"; } $m_url = Menu::get_menu_url($url, 'environment', 'traffic_capture', 'traffic_capture'); ?> setTimeout("document.location.href='<?php echo $m_url; ?> '", <?php echo $jtimeout; ?> ); //]]> </script> </body> </html> <?php $db->close();
/**
 * Print the "Asset Vulnerability Details" section: the search form, one row of
 * vulnerability counts per host taken from the vuln_nessus_latest_* tables,
 * and the pager.
 *
 * Reads the globals $offset, $pageSize and $dbconn, writes HTML with echo and
 * stores the listed report ids in $_SESSION["_dreport_ids"].
 *
 * @param $type       Search mode: scantime, service, freetext, hostip, fk_name,
 *                    username or hn. Any other value lists everything.
 * @param $value      Search text. Interpolated into the SQL text without
 *                    escaping inside this function.
 * @param $ctx_filter Context id in hex, used only in the "hn" mode.
 * @param $sortby     Ignored: overwritten with a fixed ORDER BY below.
 * @param $sortdir    Ignored on entry: reset to "" below.
 *
 * NOTE(review): $type, $value and $ctx_filter reach SQL and HTML as plain
 * string interpolation. The html_entity_decode() calls suggest the caller
 * hands over entity-encoded input, but entity encoding is not SQL escaping.
 * Confirm what validation the caller applies; the robust fix is to pass the
 * values as bound parameters (ADOdb's Execute/GetOne/GetArray accept a bind
 * array) and to escape them with Util::htmlentities() where they are echoed.
 */
function list_results($type, $value, $ctx_filter, $sortby, $sortdir) {
    global $allres, $offset, $pageSize, $dbconn;
    global $user, $arruser;
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    // Never set to TRUE anywhere in this function, so every "else" branch of
    // a (!$filteredView) test below is unreachable as written.
    $filteredView = FALSE;
    // Only keys 0-3 are initialised, yet keys 4, 5 and 6 are read when the
    // radio buttons are printed; the unset ones render as empty strings and
    // raise an undefined-index notice.
    $selRadio = array("", "", "", "");
    $query_onlyuser = "";
    $url_filter = "";
    // Deprecated filter
    //if(!empty($arruser)) {$query_onlyuser = "******";}
    // The caller's sort arguments are discarded here, so ORDER BY is always
    // the fixed expression below and never request-controlled.
    $sortby = "t1.results_sent DESC, t1.hostIP DESC";
    $sortdir = "";
    $queryw = "";
    $queryl = "";
    $querys = "SELECT distinct t1.hostIP, HEX(t1.ctx) as ctx, t1.scantime, t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t1.sid, t3.name as profile\n FROM vuln_nessus_latest_reports AS t1 LEFT JOIN vuln_nessus_settings AS t3 ON t1.sid = t3.id, vuln_nessus_latest_results AS t5\n WHERE\n t1.hostIP = t5.hostIP\n AND t1.ctx = t5.ctx\n AND t1.deleted = '0' ";
    // set up the SQL query based on the search form input (if any)
    // Each branch appends a WHERE fragment ($queryw), a LIMIT ($queryl), the
    // text shown above the table ($stext) and the pager suffix ($url_filter).
    // In every branch $q/$value go into the SQL string, into $stext (echoed
    // later as HTML) and into $url_filter (echoed later inside href) without
    // SQL escaping, HTML escaping or urlencode().
    if ($type == "scantime" && $value != "") {
        $selRadio[0] = "CHECKED";
        $q = $value;
        $queryw = " AND t1.scantime LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
        $queryl = " limit {$offset},{$pageSize}";
        $stext = "<b>" . _("Search for Date/Time") . "</b> = '*{$q}*'";
        $url_filter = "&type={$type}&value={$value}";
    } else { if ($type == "service" && $value != "") {
        $selRadio[5] = "CHECKED";
        $q = $value;
        $queryw = " AND t5.service LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
        $queryl = " limit {$offset},{$pageSize}";
        // html_entity_decode() turns entities back into raw characters right
        // before the text is echoed as HTML.
        $stext = "<b>" . _("Search for Service") . "</b> = '*" . html_entity_decode($q) . "*'";
        $url_filter = "&type={$type}&value={$value}";
    } else { if ($type == "freetext" && $value != "") {
        $selRadio[6] = "CHECKED";
        $q = $value;
        $queryw = " AND t5.msg LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
        $queryl = " limit {$offset},{$pageSize}";
        $stext = "<b>" . _("Search for Free Text") . "</b> = '*" . html_entity_decode($q) . "*'";
        $url_filter = "&type={$type}&value={$value}";
    } else { if ($type == "hostip" && $value != "") {
        $selRadio[1] = "CHECKED";
        $q = strtolower($value);
        // Unlike the other branches this fragment has no leading AND, so the
        // combined statement reads "... t1.deleted = '0'  t1.hostIP LIKE ...".
        $queryw = " t1.hostIP LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
        $queryl = " limit {$offset},{$pageSize}";
        $stext = "<b>" . _("Search for Host-IP") . "</b> = '*{$q}*'";
        $url_filter = "&type={$type}&value={$value}";
    } else { if ($type == "fk_name" && $value != "") {
        $selRadio[2] = "CHECKED";
        $q = strtolower($value);
        $queryw = " AND t1.fk_name LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
        $queryl = " limit {$offset},{$pageSize}";
        $stext = _("Search for Subnet/CIDR") . " = '*{$q}*'";
        $url_filter = "&type={$type}&value={$value}";
    } else { if ($type == "username" && $value != "") {
        $selRadio[3] = "CHECKED";
        $q = strtolower($value);
        $queryw = " AND t1.username LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
        $queryl = " limit {$offset},{$pageSize}";
        $stext = "<b>" . _("Search for user") . "</b> = '*{$q}*'";
        $url_filter = "&type={$type}&value={$value}";
    } else { if ($type == "hn" && $value != "") {
        if (!empty($ctx_filter)) {
            // $ctx_filter is placed inside UNHEX('...') as-is.
            // NOTE(review): confirm the caller restricts it to hex digits.
            $queryw = " AND t1.ctx=UNHEX('{$ctx_filter}')";
        }
        $selRadio[4] = "CHECKED";
        if (preg_match("/\\//", $value)) {
            // Value contains "/": treated as CIDR and turned into a range.
            $ip_range = array();
            $ip_range = Cidr::expand_CIDR($value, "SHORT");
            $queryw .= " AND (inet_aton(t1.hostIP) >= '" . $ip_range[0] . "' AND inet_aton(t1.hostIP) <='" . $ip_range[1] . "') {$query_onlyuser} order by {$sortby} {$sortdir}";
        } elseif (preg_match("/\\,/", $value)) {
            // Comma-separated list: quotes are added around the items, but a
            // quote inside an item is not escaped.
            $q = implode("','", explode(",", $value));
            $queryw .= " AND t1.hostIP in ('{$q}') {$query_onlyuser} order by {$sortby} {$sortdir}";
            $q = "Others";
        } else {
            $q = $value;
            $queryw .= " AND t1.hostIP LIKE '{$q}' {$query_onlyuser} order by {$sortby} {$sortdir}";
        }
        $queryl = " limit {$offset},{$pageSize}";
        if (!preg_match("/\\//", $value)) {
            $stext = "<b>" . _("Search for Host") . "</b> = '" . html_entity_decode($q) . "'";
        } else {
            $stext = "<b>" . _("Search for Subnet/CIDR") . "</b> = '{$value}'";
        }
        $url_filter = "&type={$type}&value={$value}";
    } else {
        // No recognised search: list everything.
        $selRadio[4] = "CHECKED";
        $viewAll = FALSE;
        $queryw = "{$query_onlyuser} order by {$sortby} {$sortdir}";
        $queryl = " limit {$offset},{$pageSize}";
        $stext = "";
    }
    // closes the six nested else-blocks opened above
    } } } } } }
    // set up the pager and search fields if viewing all hosts
    $reportCount = 0;
    if (!$filteredView) {
        // Run the unlimited query once with SQL_CALC_FOUND_ROWS, then read the
        // total with FOUND_ROWS(); the two calls must stay adjacent on the
        // same connection.
        $dbconn->Execute(str_replace("SELECT distinct", "SELECT SQL_CALC_FOUND_ROWS distinct", $querys) . $queryw);
        $reportCount = $dbconn->GetOne("SELECT FOUND_ROWS() as total");
        $previous = $offset - $pageSize;
        if ($previous < 0) {
            $previous = 0;
        }
        $last = intval($reportCount / $pageSize) * $pageSize;
        if ($last < 0) {
            $last = 0;
        }
        $next = $offset + $pageSize;
        $pageEnd = $offset + $pageSize;
        $value = html_entity_decode($value);
        //echo "<center><table cellspacing='0' cellpadding='0' border='0' width='100%'><tr><td class='headerpr' style='border:0;'>"._("Current Vulnerablities")."</td></tr></table>";
        // output the search form
        echo "<table class='w100 transparent'>";
        echo "<tr><td class='sec_title'>" . _("Asset Vulnerability Details") . "</td></tr>";
        echo "<tr><td style='padding:12px 0px 0px 0px;' class='transparent'>";
        ?> <div id='cvleftdiv'> <a id="new_scan_button" class="button" href="<?php echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=create_scan&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs'); ?> " style="text-decoration:none;"> <?php echo _("New Scan Job"); ?> </a> </div> <div id='cvrightdiv'> <?php
        // The search box is the one place where $value is HTML-escaped.
        echo '<form name="hostSearch" id="hostSearch" action="index.php" method="GET"> <input type="text" length="25" name="value" id="assets" class="assets" style="margin:0px !important;" value="' . Util::htmlentities($value) . '">';
        // cvfiltertype -> current vulnerabilities filter type
        echo "\n<input type=\"radio\" name=\"type\" value=\"service\" {$selRadio['5']}>" . _("Service") . "\n<input type=\"radio\" name=\"type\" value=\"freetext\" {$selRadio['6']}>" . _("Free text") . "\n<input type=\"radio\" name=\"type\" value=\"hn\" {$selRadio['4']}>" . _("Host/Net") . "\n";
        echo "<input type=\"submit\" name=\"submit\" value=\"" . _("Find") . "\" id=\"current_vulns_find_button\" class=\"av_b_secondary small\" style=\"margin-left:15px;\">";
        echo <<<EOT
</form>
</p>
EOT;
    } else {
        // Unreachable while $filteredView stays FALSE. The statement also
        // refers to alias t1 without declaring it in its FROM clause.
        // get the search result count
        $queryc = "SELECT count( report_id ) FROM vuln_nessus_latest_reports WHERE t1.deleted = '0' ";
        $scount = $dbconn->GetOne($queryc . $queryw);
        echo "<p>{$scount} report";
        if ($scount != 1) {
            echo "s";
        } else {
        }
        echo " " . _("found matching search criteria") . " | ";
        echo " <a href='index.php' alt='" . _("View All Reports") . "'>" . _("View All Reports") . "</a></p>";
    }
    echo "<p>";
    // $stext carries the search text unescaped (see the branches above), so a
    // value containing markup is reflected into the page here.
    echo $stext;
    echo "</p>";
    echo "</div></td></tr></table>";
    $result = array();
    // get the hosts to display
    $result = $dbconn->GetArray($querys . $queryw . $queryl); // main query
    //echo $querys.$queryw.$queryl;
    $delete_ids = array();
    // count() and foreach run before the "=== false" check further down, so a
    // failed query reaches them first. "report_id" is not among the columns
    // selected in $querys.
    if (count($result) > 0) {
        foreach ($result as $rpt) {
            $delete_ids[] = $dreport_id = $rpt["report_id"];
        }
    }
    $_SESSION["_dreport_ids"] = implode(",", $delete_ids);
    //echo "$querys$queryw$queryl";
    if ($result === false) {
        // $errMsg and $error are not initialised in this function.
        $errMsg[] = _("Error getting results") . ": " . $dbconn->ErrorMsg();
        $error++;
        dispSQLError($errMsg, $error);
    } else {
        // First table row ("All"): totals per risk level across all hosts the
        // user may see. $data is reused as the loop variable further down.
        $data['vInfo'] = 0;
        $data['vLow'] = 0;
        $data['vMed'] = 0;
        $data['vHigh'] = 0;
        $data['vSerious'] = 0;
        // When the permission helper returns a clause, totals are restricted
        // by joining against host/host_ip; otherwise every result is counted.
        $perms_where = Asset_host::get_perms_where('host.', TRUE);
        if (!empty($perms_where)) {
            $queryt = "SELECT count(lr.result_id) AS total, lr.risk, lr.hostIP, HEX(lr.ctx) AS ctx\n FROM vuln_nessus_latest_results lr, host, host_ip hi\n WHERE host.id=hi.host_id AND inet6_ntoa(hi.ip)=lr.hostIP {$perms_where} AND falsepositive='N'\n GROUP BY risk, hostIP, ctx";
        } else {
            $queryt = "SELECT count(lr.result_id) AS total, risk, lr.hostIP, HEX(lr.ctx) AS ctx\n FROM vuln_nessus_latest_results lr\n WHERE falsepositive='N'\n GROUP BY risk, hostIP, ctx";
        }
        //echo "$queryt<br>";
        $resultt = $dbconn->Execute($queryt);
        while (!$resultt->EOF) {
            $riskcount = $resultt->fields['total'];
            $risk = $resultt->fields['risk'];
            // Risk codes as used here: 7 info, 6 low, 3 medium, 2 high,
            // 1 serious. Other codes are not counted.
            if ($risk == 7) {
                $data['vInfo'] += $riskcount;
            } else { if ($risk == 6) {
                $data['vLow'] += $riskcount;
            } else { if ($risk == 3) {
                $data['vMed'] += $riskcount;
            } else { if ($risk == 2) {
                $data['vHigh'] += $riskcount;
            } else { if ($risk == 1) {
                $data['vSerious'] += $riskcount;
            } } } } }
            $resultt->MoveNext();
        }
        // With no findings at all the "All" row gets empty report links.
        if ($data['vInfo'] == 0 && $data['vLow'] == 0 && $data['vMed'] == 0 && $data['vHigh'] == 0 && $data['vSerious'] == 0) {
            $tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "", "plink" => "", "xlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']);
        } else {
            $tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "lr_reshtml.php?ipl=all&disp=html&output=full&scantype=M", "plink" => "lr_respdf.php?ipl=all&scantype=M", "xlink" => "lr_rescsv.php?ipl=all&scantype=M", "dlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']);
        }
        foreach ($result as $data) {
            // Per-row authorisation: hosts the session may not see are
            // skipped before anything about them is queried or printed.
            if (!Session::hostAllowed_by_ip_ctx($dbconn, $data["hostIP"], $data["ctx"])) {
                continue;
            }
            $host_id = key(Asset_host::get_id_by_ips($dbconn, $data["hostIP"], $data["ctx"]));
            if (valid_hex32($host_id)) {
                $data['host_name'] = Asset_host::get_name_by_id($dbconn, $host_id);
            }
            $data['vSerious'] = 0;
            $data['vHigh'] = 0;
            $data['vMed'] = 0;
            $data['vLow'] = 0;
            $data['vInfo'] = 0;
            // query for reports for each IP
            // One extra query per listed host, built by concatenating values
            // read back from the database.
            $query_risk = "SELECT distinct risk, port, protocol, app, scriptid, msg, hostIP FROM vuln_nessus_latest_results WHERE hostIP = '" . $data['hostIP'];
            // NOTE(review): part of the next statement is masked on this page
            // ('******'); as shown it does not parse. The surrounding pieces
            // suggest the row's username was concatenated here — restore it
            // from the original file rather than guessing.
            $query_risk .= "' AND username = '******'username'] . "' AND sid =" . $data['sid'] . " AND ctx = UNHEX('" . $data['ctx'] . "') AND falsepositive='N'";
            $result_risk = $dbconn->Execute($query_risk);
            while (!$result_risk->EOF) {
                if ($result_risk->fields["risk"] == 7) {
                    $data['vInfo']++;
                } else { if ($result_risk->fields["risk"] == 6) {
                    $data['vLow']++;
                } else { if ($result_risk->fields["risk"] == 3) {
                    $data['vMed']++;
                } else { if ($result_risk->fields["risk"] == 2) {
                    $data['vHigh']++;
                } else { if ($result_risk->fields["risk"] == 1) {
                    $data['vSerious']++;
                } } } } }
                $result_risk->MoveNext();
            }
            // Report links: only hostIP is urlencode()d; ctx and scantype are
            // appended as read from the row.
            $data['plink'] = "lr_respdf.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype'];
            $data['hlink'] = "lr_reshtml.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype'];
            $data['xlink'] = "lr_rescsv.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype'];
            if (Session::am_i_admin()) {
                // The delete action is an ordinary GET link.
                // NOTE(review): confirm index.php re-checks admin rights and an
                // anti-CSRF token before deleting; hiding the link is not
                // access control.
                $data['dlink'] = "index.php?delete=" . $data['report_key'] . "&scantime=" . $data['scantime'];
            }
            // "meth_target" is not among the columns selected in $querys.
            // The target label shows the first and last entry of the list.
            $list = explode("\n", trim($data['meth_target']));
            if (count($list) == 1) {
                $list[0] = trim($list[0]);
                $data['target'] = resolve_asset($dbconn, $list[0]);
            } elseif (count($list) == 2) {
                $list[0] = trim($list[0]);
                $list[0] = resolve_asset($dbconn, $list[0]);
                $list[1] = trim($list[1]);
                $list[1] = resolve_asset($dbconn, $list[1]);
                $data['target'] = $list[0] . ' ' . $list[1];
            } else {
                $list[0] = trim($list[0]);
                $list[0] = resolve_asset($dbconn, $list[0]);
                $list[count($list) - 1] = trim($list[count($list) - 1]);
                $list[count($list) - 1] = resolve_asset($dbconn, $list[count($list) - 1]);
                $data['target'] = $list[0] . " ... " . $list[count($list) - 1];
            }
            $tdata[] = $data;
        }
        // $sortdir was reset to "" above, so this always yields "ASC".
        if ($sortdir == "ASC") {
            $sortdir = "DESC";
        } else {
            $sortdir = "ASC";
        }
        // $url is assigned but not read again in this function.
        $url = $_SERVER['SCRIPT_NAME'] . "?offset={$offset}&sortby=%var%&sortdir={$sortdir}" . $url_filter;
        $fieldMapLinks = array();
        $fieldMapLinks = array(gettext("HTML Results") => array('url' => '%param%', 'param' => 'hlink', 'target' => 'main', 'icon' => 'images/html.png'), gettext("PDF Results") => array('url' => '%param%', 'param' => 'plink', 'target' => '_blank', 'icon' => 'images/pdf.png'), gettext("EXCEL Results") => array('url' => '%param%', 'param' => 'xlink', 'target' => '_blank', 'icon' => 'images/page_white_excel.png'));
        if (Session::am_i_admin()) {
            $fieldMapLinks["DELETE Results"] = array('url' => '%param%', 'param' => 'dlink', 'target' => 'main', 'icon' => 'images/delete.gif');
        }
        $fieldMap = array("Host - IP" => array('var' => 'hostip'), "Date/Time" => array('var' => 'scantime'), "Profile" => array('var' => 'profile'), "Serious" => array('var' => 'vSerious'), "High" => array('var' => 'vHigh'), "Medium" => array('var' => 'vMed'), "Low" => array('var' => 'vLow'), "Info" => array('var' => 'vInfo'), "Links" => $fieldMapLinks);
        // echo "<pre>";
        // var_dump($tdata);
        // echo "</pre>";
        // $tdata always holds the "All" row, so "> 1" means at least one host.
        if (count($tdata) > 1) {
            drawTableLatest($fieldMap, $tdata, "Hosts");
        } elseif (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
            echo "<br><span class='gray'>" . _("No results found: ") . "</span><a href='" . Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=create_scan&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs') . "'>" . _("Click here to run a Vulnerability Scan now") . "</a><br><br>";
        }
    }
    // draw the pager again, if viewing all hosts
    // $url_filter is printed inside href below exactly as it was built from
    // $type and $value (no urlencode(), no HTML escaping).
    if (!$filteredView && $reportCount > 10) {
        ?> <div class="fright tmargin"> <?php
        if ($next > $pageSize) {
            ?> <a href="index.php?<?php echo "offset={$previous}{$url_filter}"; ?> " class="pager">< <?php echo _("PREVIOUS"); ?> </a> <?php
        } else {
            ?> <a class='link_paginate_disabled' href="" onclick='return false'>< <?php echo _("PREVIOUS"); ?> </a> <?php
        }
        if ($next <= $last) {
            ?> <a class='lmargin' href="index.php?<?php echo "offset={$next}{$url_filter}"; ?> "> <?php echo _("NEXT"); ?> ></a> <?php
        } else {
            ?> <a class='link_paginate_disabled lmargin' href="" onclick='return false'><?php echo _("NEXT"); ?> ></a> <?php
        }
        ?> </div> <?php
    } else {
        echo "<p> </p>";
    }
}
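/**
 * Build an anchor tag that links to the security-events query page filtered
 * by an IDM value.
 *
 * @param mixed  $idmvalue Passed unchanged to BuildIDMVars().
 * @param mixed  $field    Passed unchanged to BuildIDMVars().
 * @param string $source   Passed unchanged to BuildIDMVars(); defaults to "both".
 *
 * @return string HTML anchor whose href is the menu URL. The anchor has no
 *                inner content here.
 */
function BuildIDMLink($idmvalue, $field, $source = "both") {
    require_once 'classes/menu.inc';
    // The parameter is "current_view": the text read "¤t_view", which is
    // "&curren" decoded as the currency-sign entity.
    $url = Menu::get_menu_url('base_qry_main.php?new=2&num_result_rows=-1&submit=Query+DB&current_view=-1' . BuildIDMVars($idmvalue, $field, $source), 'analysis', 'security_events', 'security_events');
    // Escape for the double-quoted href: "&" becomes "&amp;" (which also stops
    // "&curren..." being read as an entity) and a quote or "<" in the
    // IDM-derived part cannot close the attribute. double_encode=false leaves
    // entities that are already present untouched.
    // NOTE(review): whether BuildIDMVars() URL-encodes $idmvalue is not
    // visible here — confirm.
    return '<a style="color:navy;" href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false) . '"></a>';
}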
?> </span> <span class="s_info">/ <?php echo _('Totals'); ?> : </span> <span class="s_info" style="color:#000000;font-weight:bold;"><?php echo $totales; ?> </span> <span class="s_info"> ]</span> <?php if (is_array($db_sensor_list) && !in_array($ip, $db_sensor_list)) { echo "<span style='margin-left: 15px;'>"; echo "<b>" . _("Warning") . "</b>:" . _("The sensor is being reported as enabled by the server but isn't configured."); echo " " . _("Click") . " <a href='" . Menu::get_menu_url("/ossim/sensor/newsensorform.php?ip={$ip}", "configuration", "deployment", "components", "sensors") . "'>" . _("here") . "</a> " . _("to configure the sensor") . "."; echo "</span>"; } ?> </td> </tr> </table> </td> </tr> <tr> <td colspan='2' height="1"></td> </tr> <tr> <td class="noborder"></td>
} catch(err) { } $('#loading_si').remove(); $('#sensor_f').show(); if (!top.is_lightbox_loaded(window.name)) { $('#sensor_f').contents().find('.c_back_button').off(); $('#sensor_f').contents().find('.c_back_button').click(function(){ var url = '<?php echo Menu::get_menu_url("/ossim/sensor/sensor.php", "configuration", "deployment", "components", "sensors"); ?> '; top.frames["main"].document.location.href = url; return false; }) $('#sensor_f').contents().find('.c_back_button').show(); } }); /*************************************************** ********************* Services ********************* *****************************************************/
</th> <td class="left"> <select name="location" id="location" class='vfield'> <?php $locations = Locations::get_list($conn); foreach ($locations as $lc) { echo "<option value='" . $lc->get_id() . "'>" . $lc->get_name() . "</option>"; } ?> </select> </td> </tr> <?php } else { if (Session::show_entities()) { $e_url = Menu::get_menu_url('../acl/entities.php', 'configuration', 'administration', 'users', 'structure'); ?> <tr> <th> <label for='entities'><?php echo _('Context') . required(); ?> </label><br/> </th> <td class="nobborder"> <table id='t_entities' class="transparent"> <tr> <td class="noborder left"> <div id="tree"></div> </td>
* External URLs */
// NOTE(review): every third-party lookup below is a plain http:// URL and, going
// by the trailing "?ip=", "?a=", "?port=" and "&input=" parameters, appears to
// take the looked-up value appended to it. If so, the address or port under
// investigation is disclosed to the external site and is readable on the
// network path. Confirm how these links are used, prefer https where the
// service offers it, and check that the listed services still exist.
/* Whois query */
$external_whois_link = 'http://www.dnsstuff.com/tools/whois/?ip=';
/* Alternative query */
// $external_whois_link = 'http://www.samspade.org/t/ipwhois?a=';
/* DNS query */
$external_dns_link = 'http://www.dnsstuff.com/tools/ipall/?ip=';
/* Alternative query */
// $external_dns_link = 'http://www.samspade.org/t/dns?a=';
/* SamSpade "all" query */
$external_all_link = 'http://www.whois.sc/';
/* TCP/UDP port database: one URL prefix per named source */
$external_port_link = array(
    'sans' => 'http://isc.sans.org/port_details.php?port=',
    'tantalo' => 'http://ports.tantalo.net/?q=',
    'sstats' => 'http://www.securitystats.com/tools/portsearch.php?type=port&select=any&Submit=Submit&input='
);
/* Signature references: each entry is a three-element array. The first two
 * look like a URL prefix and suffix; the third is '' except for 'kdb', where
 * it is 'main' (presumably a link target — confirm against the consumer). */
$external_sig_link = array(
    'bugtraq' => array('http://www.securityfocus.com/bid/', '', ''),
    'snort' => array('http://www.snort.org/pub-bin/sigs.cgi?sid=', '', ''),
    'cve' => array('http://cve.mitre.org/cgi-bin/cvename.cgi?name=', '', ''),
    'mcafee' => array('http://vil.nai.com/vil/content/v_', '.htm', ''),
    'icat' => array('http://nvd.nist.gov/nvd.cfm?cvename=CAN-', '', ''),
    'nessus' => array('http://www.nessus.org/plugins/index.php?view=single&id=', '', ''),
    // The only internal entry: resolved through the application menu helper.
    'kdb' => array(Menu::get_menu_url('../repository/index.php', 'configuration', 'threat_intelligence', 'knowledgebase'), '', 'main'),
    'url' => array('http://', '', ''),
    'local' => array('signatures/', '.txt', '')
);
// No longer valid:
// 'arachnids' => array('http://www.whitehats.com/info/ids', ''),
/* Email Alert action
 *
 * - action_email_from    : email address to use in the FROM field of the mail message
 * - action_email_subject : subject to use for the mail message
 * - action_email_msg     : additional text to include in the body of the mail message
 * - action_email_mode    : specifies how the alert information should be enclosed
 *       0 : alerts should be in the body of the message
 *       1 : alerts should be enclosed in an attachment
 */
$action_email_from = 'BASE Alert <base>';
$action_email_subject = 'BASE Incident Report';
$action_email_msg = '';
$action_email_mode = 0;
$s_ips[] = "'{$sensor}': '{$sip}'"; $s_devs[] = "'{$sensor}': '{$devices}'"; $i++; } if (empty($legend)) { exit_radar(); } $legend = implode(",\n", $legend); $label = implode(",\n", $label); $s_ips = implode(",", $s_ips); $s_devs = implode(",", $s_devs); } else { exit_radar(); } session_write_close(); $forensic_url = Menu::get_menu_url("/ossim/forensics/base_qry_main.php?&hmenu=Forensics&smenu=Forensics&clear_allcriteria=1&sort_order=time_d&plugin=PPPP&sensor=SSSS&sip=IIII", 'analysis', 'security_events'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title><?php echo _("Radar Chart"); ?> </title> <?php //CSS Files $_files = array(array('src' => 'av_common.css?only_common=1', 'def_path' => TRUE), array('src' => 'dashboard/overview/widget.css', 'def_path' => TRUE)); Util::print_include_files($_files, 'css');
//Tooltips $(".info").tipTip({maxWidth: 'auto'}); $('#scan_mode').trigger('change'); $('#timing_template').trigger('change'); } //Scan host locally with function scan_host(id) { var url = '<?php echo Menu::get_menu_url("../netscan/index.php", 'environment', 'assets', 'asset_discovery'); ?> '; var form = $('<form id="f_local_scan" action="' + url + '" method="POST">' + '<input type="hidden" name="action" value="custom_scan"/>' + '<input type="hidden" name="host_id" value="'+id+'"/>' + '<input type="hidden" name="sensor" value="local"/>' + '<input type="hidden" name="scan_mode" value="fast"/>' + '<input type="hidden" name="timing_template" value="-T5"/>' + '<input type="hidden" name="autodetected" value="1"/>' + '<input type="hidden" name="rdns" value="1"/>' + '</form>'); $('body').append(form);
/**
 * Print the scan-jobs management page: action buttons, the running-scan
 * status, the table of scheduled jobs and the pager for the job list.
 *
 * Reads the globals $username, $dbconn, $arruser and $user, reads
 * $_GET['page'], and writes HTML with echo. The global $user is overwritten
 * while the schedule rows are iterated.
 *
 * @param $viewall Not referenced anywhere in this function.
 * @param $sortby  Column for ORDER BY; defaults to "id" when empty.
 * @param $sortdir Direction for ORDER BY; defaults to "DESC" when empty.
 *
 * NOTE(review): $sortby and $sortdir are interpolated into the ORDER BY
 * clause with no check other than the empty-string default. The column header
 * links below pass them back as URL parameters, so they presumably arrive
 * from the request — confirm the caller validates them. ORDER BY terms cannot
 * be bound as parameters; an allow-list (the keys of $arr plus "id", and
 * ASC/DESC) is the usual control.
 */
function main_page($viewall, $sortby, $sortdir) {
    global $uroles, $username, $dbconn, $hosts;
    global $arruser, $user;
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    $tz = Util::get_timezone();
    if ($sortby == "") {
        $sortby = "id";
    }
    if ($sortdir == "") {
        $sortdir = "DESC";
    }
    // Built before $sortdir is flipped further down, so the query uses the
    // direction that was passed in and the header links use the opposite one.
    $sql_order = "order by {$sortby} {$sortdir}";
    // The scan/import buttons are shown only with the scan permission. This
    // is a display decision; the target pages need their own checks.
    if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
        ?> <div style="width:50%; position: relative; height: 5px; float:left"> <div style="width:100%; position: absolute; top: -41px;left:0px;"> <div style="float:left; height:28px; margin:5px 5px 0px 0px;"> <a class="button" href="<?php echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?smethod=schedule&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs'); ?> "> <?php echo _("New Scan Job"); ?> </a> </div> <div style="float:left;height:28px;margin:5px 5px 0px -2px;"> <a class="greybox button av_b_secondary" href="import_nbe.php" title="<?php echo _("Import nbe file"); ?> "> <?php echo _("Import nbe file"); ?> </a> </div> </div> </div> <?php
    }
    // intval() makes the page number safe to use in arithmetic and output.
    if (intval($_GET['page']) != 0) {
        $page = intval($_GET['page']);
    } else {
        $page = 1;
    }
    $pagesize = 10;
    // The job count is unrestricted only for the literal user name "admin".
    // NOTE(review): the value in the second query is masked on this page
    // ('******'); presumably the current user name was interpolated there —
    // restore it from the original file and pass it as a bound parameter.
    if ($username == "admin") {
        $query = "SELECT count(id) as num FROM vuln_jobs";
    } else {
        $query = "SELECT count(id) as num FROM vuln_jobs where username='******'";
    }
    $result = $dbconn->Execute($query);
    $jobCount = $result->fields["num"];
    $num_pages = ceil($jobCount / $pagesize);
    //echo "num_pages:[".$num_pages."]";
    //echo "jobCount:[".$jobCount."]";
    //echo "page:[".$page."]";
    if (Vulnerabilities::scanner_type() == "omp") {
        // We can display scan status with OMP protocol
        echo Vulnerabilities::get_omp_running_scans($dbconn);
    } else {
        // Nessus
        all_jobs(0, 10, "R");
    }
    ?> <?php
    $schedulejobs = _("Scheduled Jobs");
    echo <<<EOT
<table style='margin-top:20px;' class='w100 transparent'><tr><td class='sec_title'>{$schedulejobs}</td></tr></table> <table summary="Job Schedules" class='w100 table_list'>
EOT;
    // Flip the direction for the column header links (next click reverses).
    if ($sortdir == "ASC") {
        $sortdir = "DESC";
    } else {
        $sortdir = "ASC";
    }
    // Sortable columns: SQL column name => header label.
    $arr = array("name" => "Name", "schedule_type" => "Schedule Type", "time" => "Time", "next_CHECK" => "Next Scan", "enabled" => "Status");
    // modified by hsh to return all scan schedules
    if (empty($arruser)) {
        $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id ";
    } else {
        // The global $user is placed inside IN (...) as-is.
        // NOTE(review): confirm it is built from quoted, trusted values.
        $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id WHERE username in ({$user}) ";
    }
    $query .= $sql_order;
    $result = $dbconn->execute($query);
    if ($result->EOF) {
        echo "<tr><td class='empty_results' height='20' style='text-align:center;'>" . _("No Scheduled Jobs") . "</td></tr>";
    }
    if (!$result->EOF) {
        echo "<tr>";
        foreach ($arr as $order_by => $value) {
            echo "<th><a href=\"manage_jobs.php?sortby={$order_by}&sortdir={$sortdir}\">" . _($value) . "</a></th>";
        }
        // The row's closing </tr> is printed only inside this permission check.
        if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
            echo "<th>" . _("Action") . "</th></tr>";
        }
    }
    $colors = array("#FFFFFF", "#EEEEEE");
    $color = 0;
    while (!$result->EOF) {
        // Positional unpacking follows the SELECT column order; the "email"
        // column lands in $servers and "username" replaces the global $user.
        list($profile, $targets, $schedid, $schedname, $schedtype, $sid, $timeout, $user, $schedstatus, $nextscan, $servers) = $result->fields;
        $name = Av_sensor::get_name_by_id($dbconn, $servers);
        $servers = $name != '' ? $name : "unknown";
        // Targets are stored one per line as "<32 hex chars>#<ip>[/mask]".
        // Strip the id and append the asset name when the id is known.
        $targets_to_resolve = explode("\n", $targets);
        $ttargets = array();
        foreach ($targets_to_resolve as $id_ip) {
            if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+\\/\\d{1,2}/i", $id_ip, $found) && Asset_net::is_in_db($dbconn, $found[1])) {
                $ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_net::get_name_by_id($dbconn, $found[1]) . ")";
            } else {
                if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+/i", $id_ip, $found) && Asset_host::is_in_db($dbconn, $found[1])) {
                    $ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_host::get_name_by_id($dbconn, $found[1]) . ")";
                } else {
                    // Unknown id: drop any 32-hex run and keep the remainder.
                    $ttargets[] = preg_replace("/[a-f\\d]{32}/i", "", $id_ip);
                }
            }
        }
        $targets = implode("<BR/>", $ttargets);
        // Shift the next-run time by the timezone offset in whole hours.
        $tz = intval($tz);
        $nextscan = gmdate("Y-m-d H:i:s", Util::get_utc_unixtime($nextscan) + 3600 * $tz);
        preg_match("/\\d+\\-\\d+\\-\\d+\\s(\\d+:\\d+:\\d+)/", $nextscan, $found);
        $time = $found[1];
        // Schedule type code => label.
        switch ($schedtype) {
            case "N":
                $stt = _("Once (Now)");
                break;
            case "O":
                $stt = _("Once");
                break;
            case "D":
                $stt = _("Daily");
                break;
            case "W":
                $stt = _("Weekly");
                break;
            case "M":
                $stt = _("Monthly");
                break;
            case "Q":
                $stt = _("Quarterly");
                break;
            case "H":
                $stt = _("On Hold");
                break;
            case "NW":
                $stt = _("N<sup>th</sup> weekday of the month");
                break;
            default:
                $stt = " ";
                break;
        }
        // Enable/disable is requested through an ordinary GET link.
        // NOTE(review): no anti-CSRF token is visible in these URLs (nor in
        // the delete link below); confirm manage_jobs.php verifies one and
        // re-checks the scan permission before changing state.
        switch ($schedstatus) {
            case "1":
                $itext = _("Disable Scheduled Job");
                $isrc = "images/stop_task.png";
                $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=0";
                break;
            default:
                $itext = _("Enable Scheduled Job");
                $isrc = "images/play_task.png";
                $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=1";
                break;
        }
        // Without the permission the link is neutralised in the page only.
        if (!Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
            $ilink = "javascript:return false;";
        }
        if ($schedstatus) {
            $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"green\">" . _("Enabled") . "</font></a></td>";
        } else {
            $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"red\">" . _("Disabled") . "</font></a></td>";
        }
        require_once 'classes/Security.inc';
        // A 32-hex owner is an entity id; show its name instead.
        if (valid_hex32($user)) {
            $user = Session::get_entity_name($dbconn, $user);
        }
        echo "<tr bgcolor=\"" . $colors[$color % 2] . "\">";
        if ($profile == "") {
            $profile = _("Default");
        }
        // $user, $servers, $profile, $targets and $schedname come from the
        // database and are printed without HTML escaping, partly inside a
        // double-quoted title attribute. A stored name containing a quote or
        // markup would be rendered as HTML.
        // NOTE(review): confirm these fields are validated on write, or escape
        // them here.
        echo "<td><span class=\"tip\" title=\"<b>" . _("Owner") . ":</b> {$user}<br><b>" . _("Server") . ":</b> {$servers}<br /><b>" . _("Scheduled Job ID") . ":</b> {$schedid}<br><b>" . _("Profile") . ":</b> {$profile}<br><b>" . _("Targets") . ":</b><br>" . $targets . "\">{$schedname}</span></td>";
        ?> <td><?php echo $stt; ?> </td> <td><?php echo $time; ?> </td> <td><?php echo $nextscan; ?> </td> <?php
        echo <<<EOT
{$txt_enabled} <td style="padding-top:2px;"><a href="{$ilink}"><img alt="{$itext}" src="{$isrc}" border=0 title="{$itext}"></a> 
EOT;
        if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
            echo "<a href='" . Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?disp=edit_sched&sched_id=' . $schedid, 'environment', 'vulnerabilities', 'scan_jobs') . "'><img src='images/pencil.png' title='" . _("Edit Scheduled") . "'></a> ";
            // Deletion is guarded in the page only by a client-side confirm.
            echo "<a href='manage_jobs.php?disp=delete&schedid={$schedid}' onclick='return confirmDelete();'><img src='images/delete.gif' title='" . gettext("Delete Scheduled") . "'></a>";
        }
        echo "</td>";
        echo <<<EOT
</tr>
EOT;
        $result->MoveNext();
        $color++;
    }
    echo <<<EOT
</table>
EOT;
    ?> <br /> <?php
    // Print the requested page of jobs; the return value decides whether a
    // pager is drawn.
    $out = all_jobs(($page - 1) * $pagesize, $pagesize);
    ?> <table width="100%" align="center" class="transparent" cellspacing="0" cellpadding="0"> <tr> <td class="nobborder" valign="top" style="padding-top:5px;"> <div class="fright"> <?php
    if ($out != 0 && $num_pages != 1) {
        $page_url = "manage_jobs.php";
        // The first branch cannot be reached: it requires $num_pages == 1,
        // which the enclosing condition excludes.
        if ($page == 1 && $page == $num_pages) {
            echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>';
            echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>';
        } elseif ($page == 1) {
            echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>';
            echo '<a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '">' . _("NEXT") . ' ></a> ';
        } elseif ($page == $num_pages) {
            echo '<a href="' . $page_url . '?page=' . ($page - 1) . '">< ' . _("PREVIOUS") . '</a>';
            echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>';
        } else {
            echo '<a href="' . $page_url . '?page=' . ($page - 1) . '">< ' . _("PREVIOUS") . '</a><a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '">' . _("NEXT") . ' ></a>';
        }
    }
    ?> </div> </td> </tr> </table> <?php
}
?> ] = new Array(24); eprev[<?php echo $i; ?> ] = 0; efade[<?php echo $i; ?> ] = 0; <?php } ?> var forensic_url = "<?php echo Menu::get_menu_url('/ossim/forensics/base_qry_alert.php', 'analysis', 'security_events'); ?> "; function draw_edata() { if (pause == false) { fadescount = 0; for (var i=0; i<<?php echo $max_rows; ?> ; i++) { // Calculate different rows efade[i] = ( eprev[i] == edata[i][0] ) ? 0 : 1;
$chk_ats[1] = $alarm_to_syslog == 1 ? "checked='checked' {$dis_sim}" : "{$dis_sim}"; $chk_rep[0] = $rep == 0 ? "checked='checked' {$dis_sim}" : "{$dis_sim}"; $chk_rep[1] = $rep == 1 ? "checked='checked' {$dis_sim}" : "{$dis_sim}"; $chk_sem[0] = $sem == 0 ? "checked='checked' {$dis_opens} " : "{$dis_opens} "; $chk_sem[1] = $sem == 1 ? "checked='checked' {$dis_opens} " : "{$dis_opens} "; $chk_multi[0] = $sem == 0 && $sim == 0 ? "checked='checked' {$dis_opens} " : "{$dis_opens} "; $chk_multi[1] = $sem == 1 || $sim == 1 ? "checked='checked' {$dis_opens} " : "{$dis_opens} "; $chk_sim[0] = $sim == 0 ? "checked='checked'" : ""; $chk_sim[1] = $sim == 1 ? "checked='checked'" : ""; $chk_sign[0] = $sign == 0 ? "checked='checked' {$dis_sign}" : "{$dis_sign}"; $chk_sign[1] = $sign == 1 ? "checked='checked' {$dis_sign}" : "{$dis_sign}"; $chk_resend_events[0] = $resend_events == 0 ? "checked='checked' {$dis_resend}" : "{$dis_resend}"; $chk_resend_events[1] = $resend_events == 1 ? "checked='checked' {$dis_resend}" : "{$dis_resend}"; $chk_resend_alarms[0] = $resend_alarms == 0 ? "checked='checked' {$dis_resend}" : "{$dis_resend}"; $chk_resend_alarms[1] = $resend_alarms == 1 ? "checked='checked' {$dis_resend}" : "{$dis_resend}"; $back_url = Menu::get_menu_url("/ossim/server/server.php", "configuration", "deployment", "components", "servers"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo _('OSSIM Framework'); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <meta http-equiv="Pragma" content="no-cache"/> <link rel="stylesheet" type="text/css" href="../style/av_common.css?t=<?php echo Util::get_css_id(); ?> "/> <script type="text/javascript" src="../js/jquery.min.js"></script>
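/**
 * Print the HTML <head> of a SIEM (forensics) page and open its <body>.
 *
 * The function emits the doctype, stylesheet and script tags, an inline
 * stylesheet and one large inline <script> with the client-side helpers used
 * by the event views (tooltips, background-task polling, custom views,
 * greybox callbacks, group-by navigation, date picker, tabs, notifications).
 * It then opens <body> and includes base_header.php unless the request has a
 * "minimal_view" or "noheader" GET key.
 *
 * Security notes:
 *  - Every value that originates in the session, the request or the user
 *    configuration and is written into a JavaScript string literal is encoded
 *    with json_encode() and the JSON_HEX_* flags, so that quotes, "<", ">" and
 *    "&" cannot terminate the literal or the surrounding <script> element.
 *    If json_encode() fails (for example on a value that is not valid UTF-8)
 *    an empty string literal is emitted instead of raw text.
 *  - Query-string values sent by the AJAX helpers are passed as objects so
 *    that jQuery URL-encodes them.
 *
 * $page_title, $page_name, $back_link and $page are not read by the code
 * visible in this function; the included files share this function's variable
 * scope and may use them (not verifiable from here).
 *
 * @param string $page_title Page title (see note above).
 * @param string $page_name  Page name (see note above).
 * @param string $back_link  Back link markup (see note above).
 * @param int    $refresh    When 1 and $_SESSION['norefresh'] is not set,
 *                           PrintFreshPage() is called to emit a refresh.
 * @param string $page       Page identifier (see note above).
 *
 * @return void Output is written directly to the response.
 */
function PrintBASESubHeader($page_title, $page_name, $back_link, $refresh = 0, $page = "")
{
    global $db, $timetz, $debug_mode, $BASE_VERSION, $BASE_path, $BASE_urlpath, $html_no_cache, $max_script_runtime, $Use_Auth_System, $stat_page_refresh_time, $refresh_stat_page, $ossim_servers, $sensors, $hosts, $database_servers, $DBlib_path, $DBtype, $db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password, $entities;

    if (ini_get("safe_mode") != true) {
        set_time_limit($max_script_runtime);
    }

    // Flags used whenever a server-side value is written into inline JavaScript:
    // the JSON_HEX_* options turn <, >, &, ' and " into \uXXXX escapes.
    $js_string_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=<?php echo gettext("iso-8859-1"); ?>"/>
    <?php
    if ($html_no_cache == 1) {
        ?>
    <meta http-equiv="pragma" content="no-cache"/><?php
    }
    ?>
    <?php
    if ($refresh == 1 && !$_SESSION['norefresh']) {
        PrintFreshPage($refresh_stat_page, $stat_page_refresh_time);
    }
    ?>
    <!-- Included Styles -->
    <link rel="stylesheet" type="text/css" href="/ossim/style/av_common.css?t=<?php echo Util::get_css_id(); ?>"/>
    <link rel="stylesheet" type="text/css" href="/ossim/style/analysis/security_events/security_events.css"/>
    <link rel="stylesheet" type="text/css" href="/ossim/style/jquery-ui.css"/>
    <link rel="stylesheet" type="text/css" href="/ossim/style/jquery.tag-it.css"/>
    <!-- <link rel="stylesheet" type="text/css" href="/ossim/style/flexigrid.css"/> -->
    <link rel="stylesheet" type="text/css" href="/ossim/style/jquery.autocomplete.css"/>
    <link rel="stylesheet" type="text/css" href="/ossim/style/tipTip.css"/>
    <link rel="stylesheet" type="text/css" href="/ossim/style/jslider.css"/>
    <link rel="stylesheet" type="text/css" href="/ossim/style/jquery.switch.css"/>
    <link rel="stylesheet" type="text/css" href="/ossim/style/datepicker.css"/>
    <link rel="stylesheet" type="text/css" href="/ossim/style/jquery.dropdown.css"/>
    <!-- Manual Styles -->
    <style type="text/css">
        #adv_search_button { margin:5px 0px 0px 0px; width:239px; }
        #views table, #taxonomy table, #mfilters table, #report table { background:none repeat scroll 0 0 #FAFAFA; border:1px solid #BBBBBB; color:black; text-align:center; -moz-border-radius:8px 8px 8px 8px; padding: 2px; }
        #views table tr td, #taxonomy table tr td, #mfilters table tr td, #report table tr td{ padding: 0; }
        #views table tr td input, #views table, #taxonomy table tr td input, #taxonomy table, #taxonomy table tr td input, #report table, #mfilters table tr td input, #mfilters table { font-size: 0.9em; line-height: 0.5em; }
        #views table tr td ul{ padding: 0px; }
        #views table tr td ul li{ padding: 0px 0px 0px 12px; list-style-type: none; text-align: left; margin: 0px; clear:left; position: relative; height: 23px; line-height: 1em; }
        .margin0 { margin: 0px; }
        .left_np { text-align: left; }
        .par{ background: #f2f2f2; }
        .impar{ background: #fff; }
        .padding_right_5 { padding: 0px 5px 0px 0px; }
        .padding_top_5 { padding: 5px 0px 0px 0px; }
        .float_left { float: left; }
        .float_right { float: right; }
        #views table tr th, #taxonomy table tr th, #mfilters table tr th{ white-space:nowrap; padding:1px 10px; border: 1px solid #CCCCCC; font-size: 11px; color: #222222; font-weight: bold; text-align: center; background: #E5E5E5; background: -webkit-linear-gradient(#EFEFEF, #E5E5E5); background: -moz-linear-gradient(#EFEFEF, #E5E5E5); background: -o-linear-gradient(#EFEFEF, #E5E5E5); filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#EFEFEF', endColorstr='#E5E5E5'); }
        #viewbox{ font-size: 1.5em; margin: 0.5em; }
        #dhtmltooltip{ position: absolute; width: 150px; border: 2px solid black; padding: 2px; background-color: lightyellow; visibility: hidden; z-index: 100; }
        img{ vertical-align:middle; }
        small { font:12px arial; }
        #maintable{ background-color: white; }
        #viewtable{ background-color: white; }
        .negrita { font-weight:bold; font-size:14px; }
        .thickbox { color:gray; font-size:10px; }
        .header{ line-height:28px; height: 28px; background: transparent url(../pixmaps/fondo_col.gif) repeat-x scroll 0% 0%; color: rgb(51, 51, 51); font-size: 12px; font-weight: bold; text-align:center; }
        .ne { color:black }
        .gr { color:#999999 }
        .disabled img { filter:alpha(opacity=50); -moz-opacity:0.5; -khtml-opacity: 0.5; opacity: 0.5; }
        td.head { border:1px solid #CCCCCC; background: #E5E5E5; background: -webkit-linear-gradient(#EFEFEF, #e5e5e5); background: -moz-linear-gradient(#EFEFEF, #e5e5e5); background: -o-linear-gradient(#EFEFEF, #e5e5e5); filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#efefef', endColorstr='#e5e5e5'); font-size:14px;font-weight:bold; color:#333333; }
        .left13 { text-align:left; font-size:13px; }
        ul.tagit { margin: 0px; border:none; }
        .separated { border-spacing: 0px; border-collapse: separated; padding: 0px; }
        .separated td { padding: 4px 4px 4px 0px; }
    </style>
    <!-- jQuery and Javascript -->
    <!--[if IE]><script language="javascript" type="text/javascript" src="../js/jqplot/excanvas.js"></script><![endif]-->
    <script type="text/javascript" src="../js/jquery.min.js"></script>
    <script type="text/javascript" src="/ossim/js/jquery-ui.min.js"></script>
    <script type="text/javascript" src="../js/greybox.js"></script>
    <script type="text/javascript" src="../js/jquery.flot.pie.js" language="javascript"></script>
    <script type="text/javascript" src="../js/jquery.bgiframe.min.js" language="javascript"></script>
    <script type="text/javascript" src="../js/jquery.autocomplete.pack.js" language="javascript"></script>
    <script type="text/javascript" src="../js/utils.js"></script>
    <script type="text/javascript" src="../js/jquery.tipTip-ajax.js"></script>
    <script type="text/javascript" src="../js/notification.js"></script>
    <!-- jSlider -->
    <script type="text/javascript" src="../js/jslider/jshashtable-2.1_src.js"></script>
    <script type="text/javascript" src="../js/jslider/jquery.numberformatter-1.2.3.js"></script>
    <script type="text/javascript" src="../js/jslider/tmpl.js"></script>
    <script type="text/javascript" src="../js/jslider/jquery.dependClass-0.1.js"></script>
    <script type="text/javascript" src="../js/jslider/draggable-0.1.js"></script>
    <script type="text/javascript" src="../js/jslider/jquery.slider.js"></script>
    <script type="text/javascript" src="../js/jquery.tag-it.js"></script>
    <script type="text/javascript" src="../js/jquery.placeholder.js"></script>
    <script type="text/javascript" src="../js/jquery.switch.js"></script>
    <?php
    $ipsearch = 1;
    include "../host_report_menu.php";
    ?>
    <!-- Javascript functions -->
    <script type="text/javascript">
        // ***** Variables *****

        // Used in tooltips
        var url = new Array(50);

        // For greybox
        var nogb = false;

        // Used in calendar
        var state = false;

        // Selected Tab (only one of three fixed literals is ever printed here)
        var current_section = "<?php echo preg_match("/base_timeline/", $_SERVER['SCRIPT_NAME']) ? "timeline" : (preg_match("/base_stat/", $_SERVER['SCRIPT_NAME']) && $_SERVER['SCRIPT_NAME'] != '/ossim/forensics/base_stat_ipaddr.php' ? "grouped" : "events"); ?>";

        // ***** Functions *****

        // Tooltip used in unique events plots
        // NOTE(review): `contents` and url[link] are concatenated into markup;
        // callers must pass values that are already HTML-safe.
        function showTooltip(x, y, contents, link)
        {
            link = link.replace(".","");
            link = link.replace(",","");
            $('<div id="tooltip" class="tooltipLabel" onclick="load_link(\'' + url[link] + '&submit=Query DB\')"><a href="' + url[link] + '&submit=Query DB" style="font-size:10px;">' + contents + '</a></div>').css(
            {
                position: 'absolute',
                display: 'none',
                top: y - 28,
                left: x - 10,
                border: '1px solid #ADDF53',
                padding: '1px 2px 1px 2px',
                'background-color': '#CFEF95',
                opacity: 0.80
            }).appendTo("body").fadeIn(200);
        }

        Array.prototype.in_array = function(p_val)
        {
            for(var i = 0, l = this.length; i < l; i++)
            {
                if(this[i] == p_val)
                {
                    return true;
                }
            }
            return false;
        }

        // Auxiliary function for sensor input autocomplete
        function mix_sensors(val)
        {
            var sval = val.split(',');
            if ($("#sensor").val() != "") var aval = $("#sensor").val().split(',');
            else var aval = [];
            var mixed = [];
            var ind = 0;
            for(var i = 0, l = sval.length; i < l; i++)
            {
                // aval.length>=0 is always true, so every entry of sval is kept
                if (aval.length>=0 || aval.in_array(sval[i])) // Before aval.length==0
                    mixed[ind++] = sval[i];
            }
            var str = "";
            if (mixed.length > 0)
            {
                str = mixed[0];
                for(var i = 1, l = mixed.length; i < l; i++)
                {
                    str = str + ',' + mixed[i];
                }
                //alert($("#sensor").val()+" + "+val+" = "+str);
            }
            // return intersection
            $("#sensor").val(str);
        }

        // Used to delete events in background
        function bgtask()
        {
            $.ajax({
                type: "GET",
                url: "base_bgtask.php",
                data: "",
                success: function(msg)
                {
                    var redirection = false;
                    if (msg.match(/No pending tasks/))
                    {
                        // check if there was a pending task
                        if($("#task").is(":visible"))
                        {
                            var redirection = true;
                        }
                        if ($("#task").is(":visible")) $("#task").toggle();
                        __timeout = setTimeout("bgtask()",5000);
                        if(redirection)
                        {
                            <?php
                            // Refresh to Grouped by
                            if (preg_match('/base_stat_[^\\.]+.php/', $_SERVER['SCRIPT_NAME'])) {
                                $_current_url = $_SESSION["siem_default_group"] != "" ? $_SESSION["siem_default_group"] : $_SERVER['SCRIPT_NAME'] . "?sort_order=occur_d";
                            } else {
                                $_current_url = 'base_qry_main.php?num_result_rows=-1&submit=Query+DB&current_view=-1';
                            }
                            // Session/request derived: encode as a JS string literal.
                            ?>
                            load_link('./' + <?php echo json_encode((string) $_current_url, $js_string_flags) ?: '""'; ?>);
                        }
                    }
                    else
                    {
                        if ($("#task").is(":hidden")) $("#task").toggle();
                        $("#task").html("<img style='border: none' src='./images/sandglass.png'> Deleting in background...");
                        __timeout = setTimeout("bgtask()",5000);
                    }
                }
            });
        }

        // Used in plot response
        function SetIFrameSource(cid, url)
        {
            var myframe = document.getElementById(cid);
            if(myframe !== null)
            {
                if(myframe.src){
                    myframe.src = url;
                }
                else if(myframe.contentWindow !== null && myframe.contentWindow.location !== null){
                    myframe.contentWindow.location = url;
                }
                else{
                    myframe.setAttribute('src', url);
                }
            }
        }

        function show_search_tooltip()
        {
            var tooltip =
            {
                "<?php echo _('Signature'); ?>" : 1,
                "<?php echo _('Payload'); ?>" : 1,
                "<?php echo _('Src or Dst IP'); ?>" : 1,
                "<?php echo _('Src IP'); ?>" : 1,
                "<?php echo _('Dst IP'); ?>" : 1,
                "<?php echo _('Src or Dst Host'); ?>" : 2,
                "<?php echo _('Src Host'); ?>" : 2,
                "<?php echo _('Dst Host'); ?>" : 2
            };
            var selected = $(this).val();
            if (selected in tooltip)
            {
                var ul = $('<ul></ul>');
                if (tooltip[selected] == 1)
                {
                    $('<li></li>',
                    {
                        text: "<?php echo _('Conjunction: '); ?>'AND'"
                    }).appendTo(ul);
                    $('<li></li>',
                    {
                        text: "<?php echo _('Disjunction: '); ?>'OR'"
                    }).appendTo(ul);
                }
                $('<li></li>',
                {
                    text: "<?php echo _('Negation: '); ?>'!'"
                }).appendTo(ul);
                var content = $('<div></div>',
                {
                    id : "search_opt_tip",
                    text: "<?php echo _('For this search option you can use the following operator(s) to perform complex searches:'); ?>"
                });
                content.append(ul);
                $('#help_tooltip').removeData("tipTip").tipTip(
                {
                    maxWidth: "300px",
                    content: content
                }).show();
            }
            else
            {
                $('#help_tooltip').hide().tipTip('destroy');
            }
        }

        function show_calendar()
        {
            $('#date_from').trigger('focus');
        }

        // Button more filters button action
        function more_filters_toggle()
        {
            if ($('#more_filters').is(":visible"))
            {
                $('#more_filters').hide();
                $('#more_filters_button').val("+ <?php echo _("More Filters"); ?>");
            }
            else
            {
                $('#more_filters').show();
                $('#more_filters_button').val("- <?php echo _("More Filters"); ?>");
            }
        }

        // Auxiliary format number for plot hovers
        function formatNmb(nNmb){
            var sRes = "";
            for (var j, i = nNmb.length - 1, j = 0; i >= 0; i--, j++)
                sRes = nNmb.charAt(i) + ((j > 0) && (j % 3 == 0)? "<?php echo thousands_locale(); ?>": "") + sRes;
            return sRes;
        }

        // [Events, Grouped, Timeline]
        function load_section(section)
        {
            // Some layer changes when no page reload needed
            if (section == "grouped")
            {
                $('#plot_option').hide();
                $('#grouped_option').show();
            }
            if (section == "events")
            {
                $('#grouped_option').hide();
                $('#plot_option').show();
            }
            if (section == "timeline")
            {
                $('#grouped_option').hide();
            }
            current_section = section;
            $('#criteria_tagit').tagit(
            {
                onlyAllowDelete: true,
                beforeTagRemoved: function(event, ui)
                {
                    var url = $(ui.tag).data('info');
                    if(typeof url != 'undefined' && url != '')
                    {
                        load_link(url);
                    }
                }
            });
        }

        function load_link(url)
        {
            if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
            document.location.href=url;
        }

        // Custom Views
        // Get default view
        <?php
        require_once "ossim_conf.inc";
        $conf = $GLOBALS["CONF"];
        $idm_enabled = $conf->get_conf("enable_idm", FALSE) == 1 && Session::is_pro() ? true : false;
        $login = Session::get_session_user();
        $config = new User_config($db);
        $default_view = $config->get($login, 'custom_view_default', 'php', "siem") != "" ? $config->get($login, 'custom_view_default', 'php', "siem") : ($idm_enabled ? 'IDM' : 'default');
        // The view name comes from the user's stored configuration, so it is
        // written as an encoded JS string literal rather than echoed raw.
        ?>
        var default_view = <?php echo json_encode((string) $default_view, $js_string_flags) ?: '""'; ?>;

        // NOTE(review): the custom view save/delete helpers below change state
        // with GET requests; whether the endpoints verify an anti-CSRF token
        // cannot be seen from this file - confirm on the server side.
        function set_default_view(name)
        {
            $('#view_star_'+name).attr('src', '../pixmaps/loading.gif');
            $.ajax({
                type: "GET",
                url: "custom_view_save.php",
                // Object form: jQuery URL-encodes the view name
                data: { name: name, set_default: 1 },
                success: function(msg)
                {
                    if (msg != "")
                    {
                        alert(msg);
                    }
                    else
                    {
                        $('.view_star').attr('src', '../pixmaps/star-small-empty.png');
                        $('#view_star_'+name).attr('src', '../pixmaps/star-small.png');
                        default_view = name;
                    }
                }
            });
        }

        function change_view(view)
        {
            var url = "base_qry_main.php?num_result_rows=-1&submit=Query+DB&current_view=-1&custom_view="+view;
            load_link(url);
        }

        function save_view(id_img)
        {
            var img = $('#'+id_img).attr('src').split('/');
            img = img[img.length-1];
            var url = '../pixmaps/';
            var src1='loading3.gif';
            var src2='tick.png';
            $('#'+id_img).attr('src', url+src1);
            $.ajax({
                type: "GET",
                url: "custom_view_save.php",
                data: "",
                success: function(msg)
                {
                    $('#'+id_img).attr('src', url+src2);
                    // Closure instead of a code string: nothing built from
                    // id_img or the image name is evaluated as script.
                    setTimeout(function() { $('#'+id_img).attr('src', url+img); }, 1000);
                }
            });
        }

        function delete_view(name)
        {
            $.ajax({
                type: "GET",
                url: "custom_view_delete.php",
                // Object form: jQuery URL-encodes the view name
                data: { name: name },
                success: function(msg)
                {
                    if (msg != "")
                    {
                        alert(msg);
                    }
                    else
                    {
                        var url = "base_qry_main.php?num_result_rows=-1&submit=Query+DB";
                        load_link(url);
                    }
                }
            });
        }

        // Greybox
        //function GB_hide() { document.location.reload() }
        //function GB_onclose() { nogb=false; }
        function GB_onclose(url)
        {
            if (url.match(/otx|kdb|insertsid|shellcode/))
            {
                nogb=false;
                return false;
            }
            if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
            document.location.reload();
        }

        // Triggered by custom_view_edit.php when it creates or deletes
        function GB_onhide(url, params)
        {
            if (url.match(/newincident/))
            {
                document.location.href="../incidents/index.php?m_opt=analysis&sm_opt=tickets&h_opt=tickets";
                return false;
            }
            if (typeof(params) == 'object' && typeof params['change_view'] != 'undefined')
            {
                change_view(params['change_view']);
                return false;
            }
            if (typeof(params) == 'object' && typeof params['url_detail'] != 'undefined')
            {
                if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
                document.location.href = params['url_detail'];
                return false;
            }
        }

        // Solera
        function solera_deepsee (from,to,src_ip,src_port,dst_ip,dst_port,proto)
        {
            $('#solera_form input[name=from]').val(from);
            $('#solera_form input[name=to]').val(to);
            $('#solera_form input[name=src_ip]').val(src_ip);
            $('#solera_form input[name=src_port]').val(src_port);
            $('#solera_form input[name=dst_ip]').val(dst_ip);
            $('#solera_form input[name=dst_port]').val(dst_port);
            $('#solera_form input[name=proto]').val(proto);
            GB_show_post('Solera DeepSee ™','#solera_form',300,600);
        }

        // Events grouping button click
        function dsgroup_for_selected()
        {
            var idlist = "";
            var sidlist = "";
            $("input:checkbox:checked").each(function()
            {
                if(this.className == "trlnks")
                {
                    if (idlist != "") idlist += ",";
                    if (sidlist != "") sidlist += ",";
                    idlist += this.getAttribute('pid');
                    sidlist += this.getAttribute('psid');
                }
            });
            if (idlist != "" && sidlist != "")
            {
                GB_show("<?php echo _("Insert into existing DS Group"); ?>","/policy/insertsid.php?plugin_id="+idlist+"&plugin_sid="+sidlist,'650','65%');
            }
        }

        function CheckSensor()
        {
            if ($('#sensor option:selected').val()!='')
            {
                if ($('#exclude').is(':checked'))
                {
                    if ($('#sensor option:selected').text().match(/Context/))
                    {
                        $('#exclude').prop('checked',false);
                    }
                    else
                    {
                        $('#sensor option:selected').val('!' + $('#sensor option:selected').val());
                    }
                }
            }
        }

        function SetSensor(btn,clk)
        {
            $('#ctx').val('');
            if (clk) // change combo box
            {
                if ($('#sensor option:selected').text().match(/Context/))
                {
                    $('#exclude').prop('checked',false).prop('disabled',true);
                    $("#lexc").css('color','lightgray');
                }
                else
                {
                    $('#exclude').prop('disabled',false);
                    $("#lexc").css('color','rgb(85,85,85)');
                }
                btn.click();
            }
            else // click exclude checkbox
            {
                if ($('#sensor option:selected').val()!='')
                {
                    btn.click();
                }
            }
            DisableContexts();
        }

        function DisableContexts()
        {
            if ($('#exclude').is(':checked'))
            {
                $('.ents').prop('disabled',true);
            }
            else
            {
                $('.ents').prop('disabled',false);
            }
            if ($('#sensor option:selected').text().match(/Context/))
            {
                $('#exclude').prop('checked',false).prop('disabled',true);
                $("#lexc").css('color','lightgray');
            }
        }

        // Top refresh link
        function re_load()
        {
            if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
            if (typeof(pag_reload)=='function')
            {
                pag_reload();
            }
            else
            {
                var href = document.location.href.replace("&nocache=1","");
                document.location.href = href + "&nocache=1";
                document.location.reload(false);
            }
        }

        // Select all when DeleteAllOnScreen button click
        function click_all(bt)
        {
            $("input[name^='action_chk_lst']").each(function()
            {
                $(this).attr('checked',true);
            });
            $('#eqbtn'+bt).click()
        }

        // Group By selection
        function group_selected(val)
        {
            // Reset
            $('#group_button').hide();
            $('#group_ip_select').css('display', 'none');
            $('#group_hostname_select').css('display', 'none');
            $('#group_username_select').css('display', 'none');
            $('#group_port_select').css('display', 'none');
            $('#group_proto_select').css('display', 'none');

            // Second level
            if (val.match("^ip"))
            {
                $('#group_ip_select').css('display', 'inline');
            }
            if (val.match("^hostname"))
            {
                $('#group_hostname_select').css('display', 'inline');
            }
            if (val.match("^username"))
            {
                $('#group_username_select').css('display', 'inline');
            }
            if (val.match("^port"))
            {
                $('#group_port_select').css('display', 'inline');
                // Third level (Ports)
                if ($('#group_port_select').find(":selected").val() != "portempty")
                {
                    if (val.match("port(src|dst)") || val.match("proto") || $('#group_proto_select').find(":selected").val() != "")
                    {
                        $('#group_proto_select').css('display', 'inline');
                    }
                }
            }

            // Show Group Button (All options are ready to go)
            if (val == "signature" || val == "sensor" || val == "ptypes" || val == "otx" || val == "plugins" || val == "country" || val == "categories"
                || (val.match("^ip") && $('#groupby_ip').find(":selected").val() != "ipempty")
                || (val.match("^hostname") && $('#groupby_hostname').find(":selected").val() != "hostnameempty")
                || (val.match("^username") && $('#groupby_username').find(":selected").val() != "usernameempty")
                || (val.match("^port") && $('#group_port_select').find(":selected").val() != "portempty" && $('#group_proto_select').find(":selected").val() != "portprotoempty"))
            {
                $('#group_button').show();
            }
        }

        // Group by go
        function go_stats()
        {
            if ($('#groupby_1').val() == "ip")
            {
                if ($('#groupby_ip').val() == "iplink")
                {
                    load_link("base_stat_iplink.php?sort_order=events_d&fqdn=no");
                }
                else if ($('#groupby_ip').val() == "iplink_fqdn")
                {
                    load_link("base_stat_iplink.php?sort_order=events_d&fqdn=yes");
                }
                else if ($('#groupby_ip').val() == "ipsrc")
                {
                    load_link("base_stat_uaddr.php?addr_type=1&sort_order=occur_d");
                }
                else if ($('#groupby_ip').val() == "ipdst")
                {
                    load_link("base_stat_uaddr.php?addr_type=2&sort_order=occur_d");
                }
                else if ($('#groupby_ip').val() == "ipboth")
                {
                    load_link("base_stat_uaddress.php?sort_order=occur_d");
                }
            }
            else if ($('#groupby_1').val() == "hostname")
            {
                if ($('#groupby_hostname').val() == "hostnamesrc")
                {
                    load_link("base_stat_uidmsel.php?addr_type=src_hostname&sort_order=occur_d");
                }
                else if ($('#groupby_hostname').val() == "hostnamedst")
                {
                    load_link("base_stat_uidmsel.php?addr_type=dst_hostname&sort_order=occur_d");
                }
                else
                {
                    load_link("base_stat_uidm.php?addr_type=hostname&sort_order=occur_d");
                }
            }
            else if ($('#groupby_1').val() == "username")
            {
                if ($('#groupby_username').val() == "usernamesrc")
                {
                    load_link("base_stat_uidmsel.php?addr_type=src_userdomain&sort_order=occur_d");
                }
                else if ($('#groupby_username').val() == "usernamedst")
                {
                    load_link("base_stat_uidmsel.php?addr_type=dst_userdomain&sort_order=occur_d");
                }
                else
                {
                    load_link("base_stat_uidm.php?addr_type=userdomain&sort_order=occur_d");
                }
            }
            else if ($('#groupby_1').val() == "signature")
            {
                load_link("base_stat_alerts.php?sort_order=occur_d");
            }
            else if ($('#groupby_1').val() == "port")
            {
                if ($('#groupby_port').val() == "portsrc")
                {
                    if ($('#groupby_proto').val() == "portprototcp")
                    {
                        load_link("base_stat_ports.php?sort_order=occur_d&port_type=1&proto=6");
                    }
                    else if ($('#groupby_proto').val() == "portprotoudp")
                    {
                        load_link("base_stat_ports.php?sort_order=occur_d&port_type=1&proto=17");
                    }
                    else if ($('#groupby_proto').val() == "portprotoany")
                    {
                        load_link("base_stat_ports.php?sort_order=occur_d&port_type=1&proto=-1");
                    }
                }
                else if ($('#groupby_port').val() == "portdst")
                {
                    if ($('#groupby_proto').val() == "portprototcp")
                    {
                        load_link("base_stat_ports.php?sort_order=occur_d&port_type=2&proto=6");
                    }
                    else if ($('#groupby_proto').val() == "portprotoudp")
                    {
                        load_link("base_stat_ports.php?sort_order=occur_d&port_type=2&proto=17");
                    }
                    else if ($('#groupby_proto').val() == "portprotoany")
                    {
                        load_link("base_stat_ports.php?sort_order=occur_d&port_type=2&proto=-1");
                    }
                }
            }
            else if ($('#groupby_1').val() == "sensor")
            {
                load_link("base_stat_sensor.php?sort_order=occur_d");
            }
            else if ($('#groupby_1').val() == "otx")
            {
                load_link("base_stat_otx.php?sort_order=occur_d");
            }
            else if ($('#groupby_1').val() == "ptypes")
            {
                load_link("base_stat_ptypes.php?sort_order=occur_d");
            }
            else if ($('#groupby_1').val() == "plugins")
            {
                load_link("base_stat_plugins.php?sort_order=occur_d");
            }
            else if ($('#groupby_1').val() == "country")
            {
                load_link("base_stat_country.php");
            }
            else if ($('#groupby_1').val() == "categories")
            {
                load_link("base_stat_categories.php?sort_order=occur_d");
            }
        }

        // Postload action (call from host_report_menu.php)
        function postload()
        {
            if (typeof(DisableContexts)=='function')
            {
                DisableContexts();
            }
            if (typeof(parent.hide_overlay_spinner)=='function' && parent.is_loading_box())
            {
                parent.hide_overlay_spinner();
            }

            // Show spinner on form submit
            $('#bsf, a.qlink').on('click',function(){
                if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
            });

            $('#go_button').on('click',function()
            {
                if (typeof(parent.show_overlay_spinner)=='function') parent.show_overlay_spinner(true);
                var sstr = $("#search_str").val();
                var scombo = $("#search_type_combo").val();
                if (sstr.match(/\!?\d+\.\d+\.\d+\.\d+/) && scombo == 'Signature')
                {
                    $("#search_type_combo").val('Src or Dst IP');
                }
            });

            // CAPTURE ENTER KEY
            $("#search_str").bind("keydown", function(event)
            {
                // track enter key
                var keycode = (event.keyCode ? event.keyCode : (event.which ? event.which : event.charCode));
                if (keycode == 13)
                {
                    // keycode for enter key
                    $('#submit').val('<?php echo _("Signature"); ?>');
                    $('#go_button').click();
                    return false;
                }
                else
                {
                    return true;
                }
            });

            // Top Graph Trend SWITCH
            $('#trend_checkbox').toggles({
                "text" : {
                    "on" : '<?php echo _('On'); ?>',
                    "off" : '<?php echo _('Off'); ?>'
                },
                "on" : false,
                "width" : 50,
                "height" : 18,
            });

            $('#trend_checkbox').on('toggle', function (e, status)
            {
                if (status == true)
                {
                    // Display trend
                    $('#iplot').toggle();
                    $('#loadingTrend').show();
                    SetIFrameSource('processframe','base_plot.php')
                }
                else
                {
                    // Hide trend
                    $('#iplot').toggle();
                }
            });

            // TOOLTIPS
            // NOTE(review): the AJAX tooltips insert the endpoint's response
            // with .html(); base_netlookup.php and base_bgtask.php must return
            // markup that is already escaped.
            $('.scriptinfo').tipTip({
                defaultPosition: "right",
                content: function (e)
                {
                    var ip = $(this).attr('data-title').replace(/\-.*/,'');
                    var ctx = $(this).attr('data-title').replace(/.*\-/,'');
                    $.ajax({
                        url: 'base_netlookup.php?ip=' + ip + ';' + ctx,
                        success: function (response)
                        {
                            e.content.html(response); // the var e is the callback function data (see above)
                        }
                    });
                    return '<?php echo _("Searching") . "..."; ?>'; // We temporary show a Please wait text until the ajax success callback is called.
                }
            });

            $('.task_info').tipTip({
                defaultPosition: "down",
                delay_load: 100,
                maxWidth: "auto",
                edgeOffset: 3,
                keepAlive:false,
                content: function (e)
                {
                    $.ajax({
                        type: 'GET',
                        url: 'base_bgtask.php',
                        success: function (response)
                        {
                            e.content.html(response); // the var e is the callback function data (see above)
                        }
                    });
                    return '<?php echo _("Waiting status") . "..."; ?>'; // We temporary show a Please wait text until the ajax success callback is called.
                }
            });

            $('.riskinfo').tipTip({
                defaultPosition: "left",
                content: function (e) { return $(this).attr('txt') }
            });

            $('.idminfo').tipTip({
                defaultPosition: "top",
                content: function (e) { return $(this).attr('txt') }
            });

            $('.scriptinfoimg').tipTip({
                defaultPosition: "right",
                content: function (e) { return $(this).attr('txt') }
            });

            $(".tztooltip").tipTip({
                defaultposition: 'right',
                content: function (e) { return $(this).attr('txt') }
            });

            $('.scriptinf').tipTip({
                defaultPosition: "bottom",
                content: function (e) { return $(this).attr('txt') }
            });

            $('.selectu').on('change',function(){
                $('#extradatafield').attr('placeholder',$(this).val().ucwords()+' field');
            });

            if (typeof $('.selectu').val() != 'undefined')
            {
                $('#extradatafield').attr('placeholder',$('.selectu').val().ucwords()+' field');
            }

            $('#views_link').on('click',function(event)
            {
                event.stopPropagation();
                $('#actions_dd').hide();
                var diff = ($.browser.webkit && !(/chrome/.test(navigator.userAgent.toLowerCase()))) ? -3 : 0;
                var vl = $('#views_link').offset();
                var tt = vl.top + $('#views_link').outerHeight(true) + diff;
                var ll = vl.left - $('#custom_views').outerWidth(true) + $('#views_link').outerWidth(false);
                $('#custom_views').css({position: 'absolute', left: Math.floor(ll), top: Math.floor(tt)}).toggle();
                return false;
            });

            $('#views_close').on('click',function()
            {
                $('#views').hide();
            });

            $('#actions_link').on('click',function(event)
            {
                event.stopPropagation();
                $('#custom_views').hide();
                var diff = ($.browser.webkit && !(/chrome/.test(navigator.userAgent.toLowerCase()))) ? -3 : 0;
                var vl = $('#actions_link').offset();
                var tt = vl.top + $('#actions_link').outerHeight(true) + diff;
                var ll = vl.left - $('#actions_dd').outerWidth(true) + $('#actions_link').outerWidth(true) + diff;
                $('#actions_dd').css({position: 'absolute', left: Math.floor(ll), top: Math.floor(tt)}).toggle();
                return false;
            });

            // AUTOCOMPLETES
            <?php
            $db_aux = new ossim_db(true);
            $conn_aux = $db_aux->connect();

            // Purge or Restore backup action is running
            list($backup_status, $backup_mode, $backup_progress) = Backup::is_running($conn_aux);
            if ($backup_status > 0) {
                ?>
            show_backup_status();
                <?php
            }

            // $ctx is only compared against entity ids below; it is never printed.
            $ctx = $_GET["ctx"] != "" ? $_GET["ctx"] : $_SESSION["ctx"];

            // $ents is not printed in this function; presumably base_header.php,
            // included below in the same scope, uses it - TODO confirm.
            $ents = '';
            if (Session::is_pro()) {
                $my_entities = Session::am_i_admin() ? $entities : Acl::get_entities_to_assign($conn_aux);
                foreach ($my_entities as $e_id => $e_name) {
                    if (Session::get_entity_type($conn_aux, $e_id) != 'context') {
                        continue;
                    }
                    $ents .= '<option class="ents" value="' . $e_id . '"' . ($ctx == $e_id ? ' selected' : '') . '>' . _('Context') . ': ' . Util::htmlentities($e_name) . '</option>';
                }
            }
            $db_aux->close($conn_aux);
            ?>
            $("#otx_pulse").autocomplete('/ossim/otx/providers/otx_pulse_autocomplete.php?type=event',
            {
                minChars: 0,
                width: 197,
                max: 50,
                matchContains: "word",
                autoFill: false,
                scroll: true,
                formatItem: function(row, i, max, value)
                {
                    return (value.split('###'))[1];
                },
                formatResult: function(data, value)
                {
                    return (value.split('###'))[1];
                }
            }).result(function(event, item)
            {
                if (typeof(item) != 'undefined' && item != null)
                {
                    var _aux_item = item[0].split('###');
                    var pulse_id = _aux_item[0];
                    $('#otx_activity').prop('checked', false);
                    $("#otx_pulse_value").val(pulse_id);
                    $("#bsf").click();
                }
            });

            <?php
            // AUTOCOMPLETE DEVICES
            if (Session::is_pro()) {
                ?>
            $("#device_input").autocomplete('base_devices.php',
            {
                minChars: 0,
                width: 197,
                max: 50,
                matchContains: "word",
                autoFill: true,
                scroll: true,
                formatItem: function(row, i, max, value)
                {
                    return value;
                },
                formatResult: function(data, value)
                {
                    return value;
                }
            }).result(function(event, item)
            {
                if (typeof(item) != 'undefined' && item != null)
                {
                    $("#device_input").val(item[0]);
                    $("#bsf").click();
                }
            });
                <?php
            }
            ?>

            var dayswithevents = [ <?php //echo GetDatesWithEvents($db) ?> ];

            /* CALENDAR PLUGIN */
            $('.date_filter').datepicker(
            {
                buttonText: "",
                showOn: "both",
                dateFormat: "yy-mm-dd",
                buttonImage: "/ossim/pixmaps/calendar.png",
                // Color of the cells
                beforeShowDay: function ( date )
                {
                    var classname = '';
                    var withevents = '';
                    // With-Events color
                    //var withevents = (dayswithevents.in_array(date.getTime())) ? ' evented-date' : ''
                    return [true, classname + withevents];
                },
                onClose: function(selectedDate)
                {
                    // End date must be greater than the start date
                    if ($(this).attr('id') == 'date_from')
                    {
                        $('#date_to').datepicker('option', 'minDate', selectedDate );
                    }
                    else
                    {
                        $('#date_from').datepicker('option', 'maxDate', selectedDate );
                    }
                    var from = $('#date_from').val();
                    var to = $('#date_to').val();
                    if (from != '' && to != '')
                    {
                        var url = "&time_range=range&time_cnt=2&time%5B0%5D%5B0%5D=+&time%5B0%5D%5B1%5D=%3E%3D&time%5B0%5D%5B8%5D=+&time%5B0%5D%5B9%5D=AND&time%5B1%5D%5B1%5D=%3C%3D";
                        var f1 = from.split(/\-/);
                        url = url + '&time%5B0%5D%5B2%5D=' + f1[1]; // month
                        url = url + '&time%5B0%5D%5B3%5D=' + f1[2]; // day
                        url = url + '&time%5B0%5D%5B4%5D=' + f1[0]; // year
                        url = url + '&time%5B0%5D%5B5%5D=00&time%5B0%5D%5B6%5D=00&time%5B0%5D%5B7%5D=00';
                        var f2 = to.split(/\-/);
                        url = url + '&time%5B1%5D%5B2%5D=' + f2[1]; // month
                        url = url + '&time%5B1%5D%5B3%5D=' + f2[2]; // day
                        url = url + '&time%5B1%5D%5B4%5D=' + f2[0]; // year
                        url = url + '&time%5B1%5D%5B5%5D=23&time%5B1%5D%5B6%5D=59&time%5B1%5D%5B7%5D=59';
                        <?php
                        $uri = Util::htmlentities_url(Util::get_sanitize_request_uri($_SERVER['REQUEST_URI']));
                        $actual_url = str_replace("?clear_allcriteria=1&", "?", str_replace("&clear_allcriteria=1", "", $uri)) . (preg_match("/\\?.*/", $uri) ? "&" : "?");
                        // The request URI is client-controlled: besides the helper's
                        // sanitising it is written as an encoded JS string literal.
                        ?>
                        // Go
                        load_link(<?php echo json_encode((string) $actual_url, $js_string_flags) ?: '""'; ?>+url);
                    }
                }
            });

            $('.ndc').disableTextSelect();

            // timeline
            if (typeof load_tree == 'function') load_tree();

            // timeline
            if (typeof gen_timeline == 'function') gen_timeline();

            // report
            if (typeof parent.launch_form == 'function') parent.launch_form();

            // trcellclk single and double click handle
            var timeOut = 250;
            var timeoutID = 0;
            var ignoreSingleClicks = false;
            var clink = null;

            // intval() keeps the posted "submit" value numeric before it is printed
            $('.trcellclk').on('click',function(){
                if (!ignoreSingleClicks)
                {
                    clink = $(this).data('link')+'&minimal_view=1&noback=1&pag=<?php echo intval($_POST['submit']); ?>';
                    clearTimeout(timeoutID);
                    timeoutID = setTimeout( function(){
                        if (!nogb)
                        {
                            GB_show_nohide("<?php echo _("Event details"); ?>",clink,'65%','85%');
                        }
                    }, timeOut);
                }
            }).on('dblclick',function(){
                clearTimeout(timeoutID);
                ignoreSingleClicks = true;
                setTimeout(function() { ignoreSingleClicks = false; }, timeOut);
                load_link('<?php echo AV_MAIN_PATH; ?>'+$(this).data('link')+'&noheader=true');
            }).disableTextSelect();

            // Some link handlers
            $('a.trlnk,a.trlnka').each(function()
            {
                $(this).click(function() { nogb=true; });
            });

            $('a.trlnks,input.trlnks').each(function()
            {
                $(this).click(function() { nogb=true; setTimeout("nogb=false",1000); });
            });

            $('.greybox').click(function(){
                var t = this.title || $(this).text() || this.href;
                GB_show(t,this.href, 550,'85%');
                return false;
            });

            // Clean search box
            $('#frm').submit(function()
            {
                if ($('#search_str').attr('class') == "gr")
                {
                    $('#search_str').val("");
                }
            });

            // Risk slider
            /*
            $("#risk_slider").slider({ from: 1, to: 5, smooth: false, callback: function( event, ui ) { alert('yeah'); } });
            */

            $('#more_filters_button').click(function(){
                more_filters_toggle();
            });

            $('#adv_search_button').click(function(){
                GB_show("<?php echo _("Advanced Search"); ?>","/forensics/base_qry_form.php", 550, 900);
                return false;
            });

            <?php
            if ($_POST['gbhide'] == "1") {
                ?>
            var params = new Array();
            params['nostop'] = 1;
            parent.GB_hide(params);
                <?php
            }
            ?>

            // Select Section Tab
            load_section(current_section);
            if (current_section == 'grouped')
            {
                var selected_tab = 1;
            }
            else if (current_section == 'timeline')
            {
                var selected_tab = 2;
            }
            else
            {
                var selected_tab = 0;
            }

            /* Activating the tab plugin */
            $("#tab_siem").tabs(
            {
                selected: selected_tab,
                select: function(event, ui)
                {
                    var action_id = $(ui.tab).data('action_id');
                    switch(action_id)
                    {
                        case 0:
                            load_section('events');
                            break;
                        case 1:
                            load_link('base_qry_main.php?submit=Query+DB');
                            break;
                        case 2:
                            // Session value: written as an encoded JS string literal
                            load_link(<?php echo json_encode((string) ($_SESSION["siem_default_group"] != "" ? $_SESSION["siem_default_group"] : "base_stat_alerts.php?sort_order=occur_d"), $js_string_flags) ?: '""'; ?>);
                            break;
                        case 3:
                            load_section('timeline');
                            break;
                        case 4:
                            load_link('base_timeline.php');
                            break;
                    }
                }
            });
        }

        // Check backup status with interval while is running
        function show_backup_status()
        {
            var form_data = 'action=status';
            $.ajax({
                type: 'GET',
                url: '<?php echo AV_MAIN_PATH; ?>/backup/ajax/backup_actions.php',
                dataType: 'json',
                data: form_data,
                success: function(data)
                {
                    if (typeof(data) != 'undefined' && typeof(data.message) != 'undefined' && data.message != '')
                    {
                        var url = "<?php echo Menu::get_menu_url(AV_MAIN_PATH . '/backup/index.php', 'configuration', 'administration', 'backups', 'backups_events'); ?>";
                        // NOTE(review): data.message is placed into markup as-is;
                        // the endpoint must return it HTML-escaped.
                        var backup_link = '<a href="' + url + '">' + data.message + '</a>';
                        var msg = 'A background task could be affecting to the performance<br/>' + backup_link;
                        show_notification(msg, 'backup_info', 'nf_warning', 'padding: 2px; width: 100%; margin: auto; text-align: left');
                        setTimeout('show_backup_status()', 10000);
                    }
                    else
                    {
                        $('#backup_info').html('');
                    }
                }
            });
        }

        function show_notification (msg, container, nf_type, style)
        {
            var nt_error_msg = (msg == '') ? '<?php echo _('Sorry, operation was not completed due to an error when processing the request'); ?>' : msg;
            var style = (style == '' ) ? 'width: 80%; text-align:center; padding: 5px 5px 5px 22px; margin: 20px auto;' : style;
            var config_nt = {
                content: nt_error_msg,
                options: {
                    type: nf_type,
                },
                style: style
            };
            var nt_id = 'nt_ns';
            var nt = new Notification(nt_id, config_nt);
            var notification = nt.show();
            $('#'+container).html(notification);
        }

        // The request URI is urlencode()d before it is printed, so it cannot
        // contain a quote. $y1/$m11/$d1/$y2/$m21/$d2 are neither parameters nor
        // in the global list above; unless host_report_menu.php defines them in
        // this scope, `dates` is always "&date_from=&date_to=" - TODO confirm.
        function report_launcher(data,type)
        {
            var url = '<?php echo urlencode((preg_match("/\\?/", $_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : $_SERVER["REQUEST_URI"] . "?" . $_SERVER["QUERY_STRING"]) . "&export=1"); ?>';
            var dates = '<?php echo $y1 != "" ? "&date_from=" . urlencode("{$y1}-{$m11}-{$d1}") : "&date_from="; echo $y2 != "" ? "&date_to=" . urlencode("{$y2}-{$m21}-{$d2}") : "&date_to="; ?>';
            GB_show("<?php echo _("Report options"); ?>",'/forensics/report_launcher.php?url='+url+'&data='+data+'&type='+type+dates,200,'40%');
            return false;
        }

        // bgtask check
        <?php
        if ($_SESSION["deletetask"] != "") {
            echo "if (typeof __timeout == 'undefined' || !__timeout) bgtask();\n";
        } else {
            echo "// Not running";
        }
        ?>

        $(document).ready(function()
        {
            $('#search_type_combo').on('change', show_search_tooltip);
            $('#search_type_combo').trigger('change');
            $('.pholder').placeholder();
        });
    </script>
</head>
<body>
    <?php
    // Include search form, current criteria box, and stats box
    if (!array_key_exists("minimal_view", $_GET) && !array_key_exists("noheader", $_GET)) {
        include "base_header.php";
    }
}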