示例#1
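    // Build one chart point per day for the last $max days, oldest first.
    $max = 7;
    for ($i = $max - 1; $i >= 0; $i--) {
        // Key and axis label share the UTC "j M" format, e.g. "5 Mar".
        $d = gmdate("j M", $timetz - 86400 * $i);
        $hours[] = $d;
        // Days absent from $data are plotted as 0. isset() keeps a missing day
        // from raising an undefined-index notice on every page load.
        $trend[] = (isset($data[$d]) && $data[$d] != "") ? $data[$d] : 0;
    }
    // Drill-down link into the forensics query page. MM and DD are literal
    // placeholders in this string (presumably substituted per data point by the
    // chart script; confirm against the JS that consumes $siem_url).
    // NOTE(review): the year is fixed to the year of $timetz, so a week that
    // spans 31 Dec / 1 Jan would link the older days to the wrong year.
    // NOTE(review): $plugins is appended without urlencode(); it is assigned
    // outside this excerpt, so confirm it is validated or encoded there before
    // it reaches this URL.
    $siem_url = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=day&time[0][0]=+&time[0][1]=>%3D&time[0][2]=MM&time[0][3]=DD&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=00&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=MM&time[1][3]=DD&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=23&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics&plugin=" . $plugins;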
} else {
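    // Name of the chart script; this branch fills two series ($trend and $trend2).
    $js = "analytics_duo";
    $data = SIEM_trends();
    $data2 = Logger_trends();
    // One point per hour for the last $max hours, oldest first.
    // $max is not assigned in this branch; it comes from code outside this excerpt.
    for ($i = $max - 1; $i >= 0; $i--) {
        // Lookup key is "<day> <hour>h" in UTC, e.g. "5 14h".
        $h = gmdate("j G", $timetz - 3600 * $i) . "h";
        // The axis label drops the leading day number and keeps e.g. "14h".
        $hours[] = preg_replace("/^\\d+ /", "", $h);
        // Hours missing from either result are plotted as 0. isset() keeps a
        // missing key from raising an undefined-index notice.
        $trend[] = (isset($data[$h]) && $data[$h] != "") ? $data[$h] : 0;
        $trend2[] = (isset($data2[$h]) && $data2[$h] != "") ? $data2[$h] : 0;
    }
    // Drill-down links for today ($siem_url) and yesterday ($siem_url_y).
    // HH is a literal placeholder for the hour (presumably substituted by the
    // chart script; confirm against the JS that consumes these strings).
    $siem_url = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=day&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz) . "&time[0][3]=" . gmdate("d", $timetz) . "&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=HH&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $timetz) . "&time[1][3]=" . gmdate("d", $timetz) . "&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=HH&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics";
    $siem_url_y = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=day&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz - 86400) . "&time[0][3]=" . gmdate("d", $timetz - 86400) . "&time[0][4]=" . gmdate("Y", $timetz - 86400) . "&time[0][5]=HH&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $timetz - 86400) . "&time[1][3]=" . gmdate("d", $timetz - 86400) . "&time[1][4]=" . gmdate("Y", $timetz - 86400) . "&time[1][5]=HH&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics";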
}
// $empty starts out true; the code that reads or resets it is outside this excerpt.
$empty = true;
?>
<body scroll="no" style="overflow:hidden;font-family:arial;font-size:11px">		
	<table id="data" style="display:none">
        <tfoot>
示例#2
    }
    // Drill-down link into the forensics query page for a whole day (00:00:00 to 23:59:59).
    // MM and ZZ are literal placeholders in this string (presumably substituted
    // per data point by the chart script; confirm against the JS that uses $f_url).
    // NOTE(review): $plugins is appended without urlencode(); it is assigned
    // outside this excerpt, so confirm it is validated or encoded there.
    $f_url = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=MM&time[0][3]=ZZ&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=00&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=MM&time[1][3]=ZZ&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=23&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&plugin=" . $plugins;
} elseif (GET('type') == 'honeypotweek') {
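    // Single-series weekly chart restricted to the honeypot taxonomy.
    $js = 'analytics';
    $data = SIEM_trends_week('taxonomy=honeypot');
    // One point per day for the last $max days, oldest first.
    $max = 7;
    for ($i = $max - 1; $i >= 0; $i--) {
        // Key and axis label share the UTC "j M" format, e.g. "5 Mar".
        $d = gmdate('j M', $timetz - 86400 * $i);
        $hours[] = $d;
        // Days absent from $data are plotted as 0. isset() keeps a missing day
        // from raising an undefined-index notice.
        $trend[] = (isset($data[$d]) && $data[$d] != "") ? $data[$d] : 0;
    }
    // Drill-down link with category[0]=19 preselected. MM and ZZ are literal
    // placeholders (presumably substituted per data point by the chart script;
    // confirm against the JS that uses $f_url).
    // NOTE(review): the year is fixed to the year of $timetz, so a week that
    // spans 31 Dec / 1 Jan would link the older days to the wrong year.
    $f_url = "../forensics/base_qry_main.php?clear_allcriteria=1&category%5B0%5D=19&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=MM&time[0][3]=ZZ&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=00&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=MM&time[1][3]=ZZ&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=23&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d";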
} else {
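    // Name of the chart script; this branch fills two series ($trend and $trend2).
    $js = 'analytics_duo';
    $data = SIEM_trends();
    // The Logger series is only queried when $prodemo is truthy; otherwise it
    // stays an empty array and every hour below falls back to 0.
    $data2 = $prodemo ? Logger_trends() : array();
    // One point per hour for the last $max hours, oldest first.
    // $max is not assigned in this branch; it comes from code outside this excerpt.
    for ($i = $max - 1; $i >= 0; $i--) {
        // Lookup key is "<day> <hour>h" in UTC, e.g. "5 14h".
        $h = gmdate('j G', $timetz - 3600 * $i) . 'h';
        // The axis label drops the leading day number and keeps e.g. "14h".
        $hours[] = preg_replace("/^\\d+ /", '', $h);
        // isset() matters here: with $data2 empty, the bare lookup raised an
        // undefined-index notice on every iteration.
        $trend[] = (isset($data[$h]) && $data[$h] != '') ? $data[$h] : 0;
        $trend2[] = (isset($data2[$h]) && $data2[$h] != '') ? $data2[$h] : 0;
    }
    // Drill-down links for today ($f_url) and yesterday ($f_url_y).
    // HH is a literal placeholder for the hour (presumably substituted by the
    // chart script; confirm against the JS that consumes these strings).
    $f_url = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz) . "&time[0][3]=" . gmdate("d", $timetz) . "&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=HH&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $timetz) . "&time[1][3]=" . gmdate("d", $timetz) . "&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=HH&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d";
    $f_url_y = "../forensics/base_qry_main.php?clear_allcriteria=1&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz - 86400) . "&time[0][3]=" . gmdate("d", $timetz - 86400) . "&time[0][4]=" . gmdate("Y", $timetz - 86400) . "&time[0][5]=HH&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $timetz - 86400) . "&time[1][3]=" . gmdate("d", $timetz - 86400) . "&time[1][4]=" . gmdate("Y", $timetz - 86400) . "&time[1][5]=HH&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d";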
}
// $empty starts out TRUE; the code that reads or resets it is outside this excerpt.
$empty = TRUE;
?>
<body scroll="no" style="overflow:hidden;font-family:arial;font-size:11px">		
	<table id="data" style="display:none">
        <tfoot>
            <tr>
示例#3
     }
     $colors = get_widget_colors(count($data));
     break;
 case 'siemlogger':
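     // Number of hourly buckets shown in the widget. The per-widget range is disabled:
     //$max   = ($chart_info['range'] == '')? 16 : $chart_info['range'];
     // NOTE(review): the earlier comment here said "always 24 hours", but the value is 16.
     $max = 16;
     // Type of graph. In this case it is the simple raphael chart.
     $js = "analytics_duo";
     // SIEM series: queried only when the session has the EventsForensics menu
     // permission; otherwise the series stays empty.
     $trend1 = Session::menu_perms("analysis-menu", "EventsForensics") ? SIEM_trends($max, $assets_filters) : array();
     // Logger series: queried only on the pro edition and with the ControlPanelSEM
     // menu permission. The original note says it is also left empty for users
     // restricted by ctx, host or net; that check is not visible in this excerpt.
     $trend2 = array();
     if (Session::is_pro() && Session::menu_perms("analysis-menu", "ControlPanelSEM")) {
         $trend2 = Logger_trends();
     }
     // One point per hour for the last $max hours, oldest first.
     for ($i = $max - 1; $i >= 0; $i--) {
         // Lookup key is "<day> <hour>h" in UTC, e.g. "5 14h".
         $h = gmdate("j G", $timetz - 3600 * $i) . "h";
         // The axis label drops the leading day number and keeps e.g. "14h".
         $label[] = preg_replace("/^\\d+ /", "", $h);
         // Either series can be an empty array when a permission check above
         // failed, so guard the lookup: the bare index raised an undefined-index
         // notice for every hour in that case.
         $data1[] = (isset($trend1[$h]) && $trend1[$h] != "") ? $trend1[$h] : 0;
         $data2[] = (isset($trend2[$h]) && $trend2[$h] != "") ? $trend2[$h] : 0;
     }
     $data[] = $data1;
     $data[] = $data2;
     // Drill-down links for today and yesterday, wrapped in single quotes
     // (presumably so they can be emitted as JavaScript string literals; confirm
     // where they are printed). HH is a literal placeholder for the hour.
     // NOTE(review): these links are built whether or not the EventsForensics
     // check above passed. Leaving the series empty only hides the numbers;
     // base_qry_main.php has to enforce the permission itself.
     $siem_url = "'" . Menu::get_menu_url("/ossim/forensics/base_qry_main.php?clear_allcriteria=1&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz) . "&time[0][3]=" . gmdate("d", $timetz) . "&time[0][4]=" . gmdate("Y", $timetz) . "&time[0][5]=HH&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $timetz) . "&time[1][3]=" . gmdate("d", $timetz) . "&time[1][4]=" . gmdate("Y", $timetz) . "&time[1][5]=HH&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics", 'analysis', 'security_events') . "'";
     $siem_url_y = "'" . Menu::get_menu_url("/ossim/forensics/base_qry_main.php?clear_allcriteria=1&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $timetz - 86400) . "&time[0][3]=" . gmdate("d", $timetz - 86400) . "&time[0][4]=" . gmdate("Y", $timetz - 86400) . "&time[0][5]=HH&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $timetz - 86400) . "&time[1][3]=" . gmdate("d", $timetz - 86400) . "&time[1][4]=" . gmdate("Y", $timetz - 86400) . "&time[1][5]=HH&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics", 'analysis', 'security_events') . "'";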
     if (Session::is_pro()) {
         $logger_url = "'" . Menu::get_menu_url('/ossim/sem/index.php?start=' . urlencode(gmdate("Y-m-d", $timetz) . " HH:00:00") . '&end=' . urlencode(gmdate("Y-m-d", $timetz) . " HH:59:59"), 'analysis', 'raw_logs') . "'";
         $logger_url_y = "'" . Menu::get_menu_url('/ossim/sem/index.php?start=' . urlencode(gmdate("Y-m-d", $timetz - 86400) . " HH:00:00") . '&end=' . urlencode(gmdate("Y-m-d", $timetz - 86400) . " HH:59:59"), 'analysis', 'raw_logs') . "'";
     } else {
示例#4
文件: siem.php 项目: jackpf/ossim-arc
 // Number of hourly buckets shown in the widget. The per-widget range is disabled:
 //$max   = ($chart_info['range'] == '')? 16 : $chart_info['range'];
 $max = 16;
 // Type of graph. In this case it is the simple raphael chart.
 $js = "analytics_duo";
 // UTC "Y-m-d H" stamp of the oldest bucket, handed to SIEM_trends() below.
 $fdate = gmdate("Y-m-d H", $timetz - 3600 * ($max - 1));
 // SIEM series: queried only when the session has the EventsForensics menu
 // permission; otherwise the series stays an empty array.
 $trend1 = Session::menu_perms("analysis-menu", "EventsForensics") ? SIEM_trends($max, $assets_filters, $fdate) : array();
 // Logger defaults: an empty series and the current UTC time as the last date.
 // The original note says the series is also left empty for users restricted
 // by ctx, host or net; that check is not visible in this excerpt.
 $logger_last_date = gmdate("YmdHis", $timetz);
 $trend2 = array();
 // Both defaults are replaced only on the pro edition and with the
 // ControlPanelSEM menu permission.
 if (Session::is_pro() && Session::menu_perms("analysis-menu", "ControlPanelSEM")) {
     list($trend2, $logger_last_date) = Logger_trends();
 }
 for ($i = $max - 1; $i >= 0; $i--) {
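     // Timestamp of this hourly bucket; every value below is derived from it.
     $tref = $timetz - 3600 * $i;
     // Lookup key is "<day> <hour>h" in UTC, e.g. "5 14h".
     $h = gmdate("j G", $tref) . "h";
     // The axis label drops the leading day number and keeps e.g. "14h".
     $lbl = preg_replace("/^\\d+ /", "", $h);
     $label[] = $lbl;
     // Either series can be an empty array when its permission check failed, so
     // guard the lookup: the bare index raised an undefined-index notice for
     // every hour in that case.
     $data1[] = (isset($trend1[$h]) && $trend1[$h] != "") ? $trend1[$h] : 0;
     $data2[] = (isset($trend2[$h]) && $trend2[$h] != "") ? $trend2[$h] : 0;
     $dates[] = gmdate("YmdHis", $tref);
     // Forensics link for exactly this hour. The start month now comes from $tref
     // like every other field; it used $timetz before, which produced a wrong
     // start date for buckets that fall in the previous month.
     // NOTE(review): the link is built regardless of the EventsForensics check
     // made before the loop, so the target page must enforce that permission itself.
     $siem_link = Menu::get_menu_url("/ossim/forensics/base_qry_main.php?clear_allcriteria=1&time_range=range&time[0][0]=+&time[0][1]=>%3D&time[0][2]=" . gmdate("m", $tref) . "&time[0][3]=" . gmdate("d", $tref) . "&time[0][4]=" . gmdate("Y", $tref) . "&time[0][5]=" . gmdate("H", $tref) . "&time[0][6]=00&time[0][7]=00&time[0][8]=+&time[0][9]=AND&time[1][0]=+&time[1][1]=<%3D&time[1][2]=" . gmdate("m", $tref) . "&time[1][3]=" . gmdate("d", $tref) . "&time[1][4]=" . gmdate("Y", $tref) . "&time[1][5]=" . gmdate("H", $tref) . "&time[1][6]=59&time[1][7]=59&time[1][8]=+&time[1][9]=+&submit=Query+DB&num_result_rows=-1&time_cnt=2&sort_order=time_d&hmenu=Forensics&smenu=Forensics", 'analysis', 'security_events');
     if (Session::is_pro()) {
         // Pro edition: raw-log search bounded to this hour, with both bounds URL-encoded.
         $logger_link = Menu::get_menu_url('/ossim/sem/index.php?start=' . urlencode(gmdate("Y-m-d H", $tref) . ":00:00") . '&end=' . urlencode(gmdate("Y-m-d H", $tref) . ":59:59"), 'analysis', 'raw_logs');
     } else {
         // Otherwise the link goes to the ossem index page without a time range.
         $logger_link = Menu::get_menu_url('/ossim/ossem/index.php', 'analysis', 'raw_logs');
     }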