} } // Timezone $tz = Util::get_timezone(); //$qs->AddValidAction("ag_by_id"); //$qs->AddValidAction("ag_by_name"); //$qs->AddValidAction("add_new_ag"); $qs->AddValidAction("del_alert"); //$qs->AddValidAction("email_alert"); //$qs->AddValidAction("email_alert2"); //$qs->AddValidAction("csv_alert"); //$qs->AddValidAction("archive_alert"); //$qs->AddValidAction("archive_alert2"); $qs->AddValidActionOp(gettext("Delete Selected")); $qs->AddValidActionOp(gettext("Delete ALL on Screen")); $qs->SetActionSQL($from1 . $where1); $et->Mark("Initialization"); $qs->RunAction($submit, PAGE_STAT_SENSOR, $db); $et->Mark("Alert Action"); /* create SQL to get Unique Alerts */ $cnt_sql = "SELECT count(DISTINCT acid_event.device_id) " . $from . $where; /* Run the query to determine the number of rows (No LIMIT)*/ if (!$use_ac) { $qs->GetNumResultRows($cnt_sql, $db); } $et->Mark("Counting Result size"); /* Setup the Query Results Table */ $qro = new QueryResultsOutput("base_stat_sensor.php?caller=" . $caller); $qro->AddTitle(" "); $qro->AddTitle(gettext("Sensor"), "sid_a", " ", " ORDER BY acid_event.device_id ASC", "sid_d", " ", " ORDER BY acid_event.device_id DESC"); $qro->AddTitle(gettext("Name"), "", " ", " ", "", " ", " ");
} else { $where = $matches[1] . " AND timestamp >= '" . $matches[2] . "' " . $matches[4]; } } //$qs->AddValidAction("ag_by_id"); //$qs->AddValidAction("ag_by_name"); //$qs->AddValidAction("add_new_ag"); //$qs->AddValidAction("del_alert"); //$qs->AddValidAction("email_alert"); //$qs->AddValidAction("email_alert2"); //$qs->AddValidAction("csv_alert"); //$qs->AddValidAction("archive_alert"); //$qs->AddValidAction("archive_alert2"); //$qs->AddValidActionOp(gettext("Delete Selected")); //$qs->AddValidActionOp(gettext("Delete ALL on Screen")); $qs->SetActionSQL($from . $where); $et->Mark("Initialization"); $qs->RunAction($submit, PAGE_STAT_UADDR, $db); $et->Mark("Alert Action"); /* Setup the Query Results Table */ $qro = new QueryResultsOutput("base_stat_uaddr.php?caller=" . $caller . "&addr_type=" . $addr_type); $qro->AddTitle(" "); $sort_sql = $qro->GetSortSQL($qs->GetCurrentSort(), $qs->GetCurrentCannedQuerySort()); $sql = "(SELECT DISTINCT ip_src, 'S', COUNT(acid_event.cid) as num_events " . $sort_sql[0] . $from . $where . " GROUP BY ip_src HAVING num_events>0 " . $sort_sql[1] . ") UNION (SELECT DISTINCT ip_dst, 'D', COUNT(acid_event.cid) as num_events " . $sort_sql[0] . $from . $where . " GROUP BY ip_dst HAVING num_events>0 " . $sort_sql[1] . ")"; // use accumulate tables only with timestamp criteria if ($use_ac) { $where = $more = $sqla = $sqlb = $sqlc = ""; if (preg_match("/timestamp/", $criteria_clauses[1])) { $where = "WHERE " . str_replace("timestamp", "day", $criteria_clauses[1]); } $orderby = str_replace("acid_event.", "", $sort_sql[1]);
</div> <hr /> <form name="PacketForm" id="PacketForm" action="base_ag_main.php" method="post"> <?php if ($debug_mode == 1) { echo "\n <table border='1'>\n <tr>\n <td>ag_action</td>\n <td>submit</td>\n <td>ag_id</td>\n </tr>\n <tr><td>" . htmlspecialchars($ag_action) . "</td>\n <td>{$submit}</td>\n <td>" . htmlspecialchars($ag_id) . "</td>\n </tr>\n </table>\n"; } $qs->AddValidAction("del_alert"); //$qs->AddValidAction("email_alert"); //$qs->AddValidAction("email_alert2"); //$qs->AddValidAction("clear_alert"); $qs->AddValidActionOp(gettext("Delete Selected")); $qs->AddValidActionOp(gettext("Delete ALL on Screen")); $qs->AddValidActionOp(gettext("Delete Entire Query")); $qs->SetActionSQL("SELECT ag_sid, ag_cid FROM acid_ag_alert WHERE ag_id='" . $ag_id . "'"); $debug_time_mode > 0 ? $et->Mark("Initialization") : ''; $qs->RunAction($submit, PAGE_QRY_AG, $db); $debug_time_mode > 0 ? $et->Mark("Alert Action") : ''; switch ($ag_action) { case "create": echo '<h3>' . gettext("Create Group") . '</h3>'; break; case "view": echo '<h3>' . gettext("View Group") . '</h3>'; break; case "edit" || "save": echo '<h3>' . gettext("Edit Group") . '</h3>'; break; case "delete" || "delete_confirm": echo '<h3>' . gettext("Delete Group") . '</h3>';
$cs->ReadState(); $qs = new QueryState(); $page_title = _("Event"); /* Connect to the Alert database */ $db = NewBASEDBConnection($DBlib_path, $DBtype); $db->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password); if (!array_key_exists("minimal_view", $_GET) && !array_key_exists("noheader", $_GET)) { PrintCriteria(""); } $criteria_clauses = ProcessCriteria(); // Include base_header.php PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink(), 1); $from = " FROM acid_event " . $criteria_clauses[0]; $where = " WHERE " . $criteria_clauses[1]; $qs->AddValidAction("del_alert"); $qs->SetActionSQL($sort_sql[0] . $from . $where); $et->Mark("Initialization"); $qs->RunAction($submit, PAGE_ALERT_DISPLAY, $db); $et->Mark("Alert Action"); /* If get a valid (sid,cid) store it in $caller. * But if $submit is returning from an alert action * get the (sid,cid) back from $caller */ if ($submit == _("Delete Selected")) { $submit = ImportHTTPVar("caller", VAR_DIGIT | VAR_PUNC); } else { $caller = $submit; } /* Setup the Query Results Table -- However, this data structure is not * really used for output. Rather, it duplicates the sort SQL set in * base_qry_sqlcalls.php
//print "B"; $where = $matches[1] . " AND timestamp >= '" . $matches[2] . "' " . $matches[4]; } } //$qs->AddValidAction("ag_by_id"); //$qs->AddValidAction("ag_by_name"); //$qs->AddValidAction("add_new_ag"); $qs->AddValidAction("del_alert"); //$qs->AddValidAction("email_alert"); //$qs->AddValidAction("email_alert2"); //$qs->AddValidAction("csv_alert"); //$qs->AddValidAction("archive_alert"); //$qs->AddValidAction("archive_alert2"); $qs->AddValidActionOp(gettext("Insert into DS Group")); $qs->AddValidActionOp(gettext("Delete Selected")); $qs->AddValidActionOp(gettext("Delete ALL on Screen")); $qs->AddValidActionOp(gettext("Delete Entire Query")); $qs->SetActionSQL("SELECT hex(acid_event.id) as id {$from} {$where}"); $et->Mark("Initialization"); $qs->RunAction($submit, PAGE_QRY_ALERTS, $db); $et->Mark("Alert Action"); //if ($debug_mode > 0) ErrorMessage("Initial/Canned Query or Sort Clicked"); require "base_qry_sqlcalls.php"; $qs->SaveState(); echo "\n</FORM>\n"; if (!array_key_exists("minimal_view", $_GET)) { PrintBASESubFooter(); $et->Mark("Get Query Elements"); $et->PrintTiming(); } echo "</body>\r\n</html>";
$where = $matches[1] . " AND timestamp >= '" . $matches[2] . "' " . $matches[4]; } } //$qs->AddValidAction("ag_by_id"); //$qs->AddValidAction("ag_by_name"); //$qs->AddValidAction("add_new_ag"); $qs->AddValidAction("del_alert"); //$qs->AddValidAction("email_alert"); //$qs->AddValidAction("email_alert2"); //$qs->AddValidAction("csv_alert"); //$qs->AddValidAction("archive_alert"); //$qs->AddValidAction("archive_alert2"); $qs->AddValidActionOp(gettext("Delete Selected")); $qs->AddValidActionOp(gettext("Delete ALL on Screen")); $qs->AddValidActionOp(gettext("Delete Entire Query")); $qs->SetActionSQL("SELECT acid_event.sid, acid_event.cid {$from} {$where}"); $et->Mark("Initialization"); $qs->RunAction($submit, PAGE_QRY_ALERTS, $db); $et->Mark("Alert Action"); if ($debug_mode > 0) { ErrorMessage("Initial/Canned Query or Sort Clicked"); } include "{$BASE_path}/base_qry_sqlcalls.php"; } else { include "{$BASE_path}/base_qry_form.php"; } $qs->SaveState(); echo "\n</FORM>\n"; if (!array_key_exists("minimal_view", $_GET)) { PrintBASESubFooter(); $et->Mark("Get Query Elements");