示例#1
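/**
 * Reports the current alarm count and how it changed since the previous call.
 *
 * The previous count is kept in $_SESSION['_unresolved_alarms'] and is
 * overwritten on every call. When the count has grown, the descriptions of
 * the newest alarms (ordered by a.timestamp DESC) are joined with '|' and
 * returned in 'new_alarms_desc'.
 *
 * @param mixed $conn Database connection passed on to Alarm::get_count(),
 *                    Alarm::get_list() and Util::translate_alarm().
 *
 * @return array array('error' => FALSE, 'output' => array('alarms' => int,
 *               'new_alarms' => int, 'new_alarms_desc' => string))
 */
function get_unresolved_alarms($conn)
{
    $alarms = intval(Alarm::get_count($conn, '', '', 1, TRUE));

    // On the first call of a session the key does not exist yet; treat that as
    // "no previous count" instead of reading an undefined index.
    $alarms_prev = isset($_SESSION['_unresolved_alarms']) ? intval($_SESSION['_unresolved_alarms']) : 0;

    // The difference is only reported once a previous count exists. It is
    // negative when the count went down; only a positive value triggers the
    // description lookup below.
    if ($alarms != $alarms_prev && $alarms_prev > 0) {
        $new_alarms = $alarms - $alarms_prev;
    } else {
        $new_alarms = 0;
    }

    $_SESSION['_unresolved_alarms'] = $alarms;

    $data = array();
    $data['alarms'] = $alarms;
    $data['new_alarms'] = $new_alarms;
    $data['new_alarms_desc'] = '';

    if ($new_alarms > 0) {
        // Fetch only as many rows as there are new alarms ('sup' => $new_alarms).
        $criteria = array(
            'src_ip' => '',
            'dst_ip' => '',
            'hide_closed' => 1,
            'order' => 'ORDER BY a.timestamp DESC',
            'inf' => 0,
            'sup' => $new_alarms,
            'date_from' => '',
            'date_to' => '',
            'query' => '',
            'directive_id' => '',
            'intent' => 0,
            'sensor' => '',
            'tag' => '',
            'num_events' => '',
            'num_events_op' => 0,
            'plugin_id' => '',
            'plugin_sid' => '',
            'ctx' => '',
            'host' => '',
            'net' => '',
            'host_group' => '',
        );
        list($alarm_list) = Alarm::get_list($conn, $criteria);

        $alarm_string = '';
        foreach ($alarm_list as $alarm) {
            $desc_alarm = Util::translate_alarm($conn, $alarm->get_sid_name(), $alarm);

            // NOTE(review): the apostrophe escaping runs before html_entity_decode(),
            // so an entity-encoded apostrophe that the decode turns into a literal
            // one is not backslash-escaped by this line. Whether that is covered
            // depends on Util::js_entities(), which is not visible here - confirm.
            $desc_alarm = html_entity_decode(str_replace("'", "\\'", $desc_alarm));

            // The listing shows this replacement string as three double quotes, which
            // does not parse. It is taken to be the &quot; entity that the page
            // rendering decoded - confirm against the original file.
            $desc_alarm = str_replace('"', '&quot;', $desc_alarm);

            // NOTE(review): the search string may originally have been an entity as
            // well; it is kept exactly as the listing shows it.
            $desc_alarm = str_replace('—', "-", $desc_alarm);
            $desc_alarm = Util::js_entities($desc_alarm);

            // '|' separates descriptions; nothing is prepended while the string is empty.
            if ($alarm_string != '') {
                $alarm_string .= '|';
            }
            $alarm_string .= $desc_alarm;
        }
        $data['new_alarms_desc'] = $alarm_string;
    }

    $return = array();
    $return['error'] = FALSE;
    $return['output'] = $data;
    return $return;
}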
示例#2
require_once 'ossim_db.inc';
require_once 'classes/Host.inc';
require_once 'classes/Host_os.inc';
require_once 'classes/Alarm.inc';
require_once 'classes/Plugin.inc';
require_once 'classes/Plugin_sid.inc';
require_once 'classes/Port.inc';
require_once 'classes/Util.inc';
// Lists alarms, newest first, and resolves each alarm's plugin id / sid pair to a
// readable name.
// $ITEMS is copied into $sup and passed with $inf as the last two arguments of
// Alarm::get_list() - presumably the lower and upper row bounds; confirm.
$ITEMS = 50;
$db = new ossim_db();
$conn = $db->connect();
$inf = 0;
$sup = $ITEMS;
// NOTE(review): $src_ip, $dst_ip and $hide_closed are not assigned in the visible
// lines. Confirm they are validated before they reach Alarm::get_count() and
// Alarm::get_list(), which may build SQL from them.
$count = Alarm::get_count($conn, $src_ip, $dst_ip, $hide_closed);
$time_start = time();
if ($alarm_list = Alarm::get_list($conn, $src_ip, $dst_ip, $hide_closed, "ORDER by timestamp DESC", $inf, $sup)) {
    $datemark = "";
    foreach ($alarm_list as $alarm) {
        /* skip closed alarms */
        if ($alarm->get_status() == "closed") {
            continue;
        }
        $id = $alarm->get_plugin_id();
        $sid = $alarm->get_plugin_sid();
        $backlog_id = $alarm->get_backlog_id();
        $sid_name = "";
        // NOTE(review): the WHERE clause is built by interpolating $id and $sid
        // without quoting. Both come from the alarm object here; casting them to
        // int, or a parameterised lookup inside Plugin_sid::get_list(), would keep
        // the query well-formed even if a stored value is not numeric.
        if ($plugin_sid_list = Plugin_sid::get_list($conn, "WHERE plugin_id = {$id} AND sid = {$sid}")) {
            $sid_name = $plugin_sid_list[0]->get_name();
        } else {
            // No matching plugin sid row: fall back to a label carrying the raw ids.
            $sid_name = "Unknown (id={$id} sid={$sid})";
        }
        // NOTE(review): the listing breaks off here; the foreach and the enclosing
        // if are not closed in the visible text.
} elseif (!empty($dst_ip)) {
    // NOTE(review): $dst_ip is placed inside a quoted SQL literal by string
    // interpolation. It is assigned outside the visible lines; confirm it is
    // validated as an IP address first, or bind it as a query parameter.
    $where = "WHERE inet_ntoa(dst_ip) = '{$dst_ip}'";
} else {
    // No destination filter: leave the WHERE clause empty.
    $where = '';
}
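// Datasource filter: $ds_id is split on "-" into plugin id and plugin sid.
$plugin_id = "";
$plugin_sid = "";
if (!empty($ds_id)) {
    $ds = explode("-", $ds_id);
    $plugin_id = $ds[0];
    // A value without "-" yields a single element; keep the empty default
    // instead of reading an undefined offset.
    $plugin_sid = isset($ds[1]) ? $ds[1] : "";
}
// Improved efficiency get_list
// NOTE(review): $order is interpolated into the ORDER BY clause. ORDER BY cannot
// be bound as a query parameter, so the value should be matched against a fixed
// list of column/direction pairs before this point. $order and the other filter
// variables are assigned outside the visible lines - confirm how they are validated.
$criteria = array(
    "src_ip" => $src_ip,
    "dst_ip" => $dst_ip,
    "hide_closed" => $hide_closed,
    "order" => "ORDER BY {$order}",
    "inf" => $inf,
    "sup" => $sup,
    "date_from" => $date_from,
    "date_to" => $date_to,
    "query" => $query,
    "directive_id" => $directive_id,
    "intent" => $intent,
    "sensor" => $sensor_query,
    "tag" => $tag,
    "num_events" => $num_events,
    "num_events_op" => $num_events_op,
    "plugin_id" => $plugin_id,
    "plugin_sid" => $plugin_sid,
    "ctx" => "",
    "host" => $host_id,
    "net" => $net_id,
    "host_group" => '',
);
list($alarm_list, $count) = Alarm::get_list($conn, $criteria, true);
/*
* Pagination
*/
// Past the first page ($inf > 0) the total stored in the session is reused when
// it is positive; otherwise the count returned by get_list() is used. The isset()
// guard avoids reading an undefined index when the session holds no total yet.
$total = ($inf > 0 && isset($_SESSION["_alarm_count"]) && intval($_SESSION["_alarm_count"]) > 0) ? $_SESSION["_alarm_count"] : $count;
// Timezone correction
$tz = Util::get_timezone();
// State for the result loop that follows
$results = array();
$sound = 0;
$cont_tr = 0;
$time_start = time();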
if ($count > 0) {
    foreach ($alarm_list as $alarm) {
        /* hide closed alarmas */
        if ($alarm->get_status() == "closed" and $hide_closed == 1) {
示例#4
// Loads what the page shows for one correlation directive: its category
// properties, the ISO 27001 and PCI DSS groups that reference it, and a short
// list of alarms raised by it.
// Stop before any query runs if ossim_error() reports an error - presumably one
// recorded by input validation above the visible lines; confirm.
// NOTE(review): die() prints the error text as the response body; confirm that
// ossim_error() returns markup that is safe to output.
if (ossim_error()) {
    die(ossim_error());
}
$db = new ossim_db();
$conn = $db->connect();
// Get Directive info
// NOTE(review): $directive_id is interpolated unquoted into this SQL fragment and
// into the quoted LIKE patterns below. It is assigned outside the visible lines;
// confirm it is restricted to digits (or cast it to int) before this point.
list($properties, $num_properties) = Compliance::get_category($conn, "AND category.sid={$directive_id}");
// Get ISO 27001 rules linked to this directive.
// The four LIKE patterns match the id as the only entry, the first entry, the
// last entry, or a middle entry of a comma-separated list. A '%' or '_' inside
// $directive_id would act as a wildcard here.
$iso_groups = Compliance_iso27001::get_groups($conn, "WHERE SIDSS_Ref LIKE '{$directive_id}' OR SIDSS_Ref LIKE '{$directive_id},%' OR SIDSS_Ref LIKE '%,{$directive_id}' OR SIDSS_Ref LIKE '%,{$directive_id},%'");
// Get PCI DSS 2.0 rules linked to this directive.
$pci2_groups = Compliance_pci::get_groups($conn, "WHERE SIDSS_ref LIKE '{$directive_id}' OR SIDSS_ref LIKE '{$directive_id},%' OR SIDSS_ref LIKE '%,{$directive_id}' OR SIDSS_ref LIKE '%,{$directive_id},%'");
// Get PCI DSS 3.0 rules linked to this directive.
// set_pci_version() is a static call made between the two get_groups() calls, so
// the order of these statements matters - it appears to switch which PCI version
// the next lookup reads; confirm.
Compliance_pci::set_pci_version(3);
$pci3_groups = Compliance_pci::get_groups($conn, "WHERE SIDSS_ref LIKE '{$directive_id}' OR SIDSS_ref LIKE '{$directive_id},%' OR SIDSS_ref LIKE '%,{$directive_id}' OR SIDSS_ref LIKE '%,{$directive_id},%'");
// Alarm lookup filtered by this directive, closed alarms included ('hide_closed' => 0),
// with 'inf' => 0 and 'sup' => 5 - presumably the first five rows; confirm.
$criteria = array("src_ip" => '', "dst_ip" => '', "hide_closed" => 0, "order" => '', "inf" => 0, "sup" => 5, "date_from" => '', "date_to" => '', "query" => '', "directive_id" => $directive_id, "intent" => 0, "sensor" => '', "tag" => '', "num_events" => '', "num_events_op" => 0, "plugin_id" => '', "plugin_sid" => '', "ctx" => '', "host" => '', "net" => '', "host_group" => '');
list($alarms, $num_alarms) = Alarm::get_list($conn, $criteria);
?>
	
<table class="transparent" height="100%" width="100%">
	<tr>
		<td class="nobborder" valign="top">
			<table height="100%" width="100%">
				<tr><th colspan="2" height="15"><?php 
echo _("Properties");
?>
</th></tr>
				<?php 
if (count($properties) < 1) {
    ?>
    				<tr>
    				    <td class="nobborder center" style="color:gray;padding:10px;white-space: nowrap;">