本文整理汇总了PHP中ossim_db::connect方法的典型用法代码示例。如果您正苦于以下问题:PHP ossim_db::connect方法的具体用法?PHP ossim_db::connect怎么用?PHP ossim_db::connect使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类ossim_db
的用法示例。
在下文中一共展示了ossim_db::connect方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: load_layout
function load_layout($name_layout, $category = 'policy')
{
$db = new ossim_db();
$conn = $db->connect();
$config = new User_config($conn);
$login = Session::get_session_user();
$data = $config->get($login, $name_layout, 'php', $category);
return $data == null ? array() : $data;
}
示例2: file
function end_upgrade()
{
require_once 'ossim_db.inc';
$dbsock = new ossim_db();
$db = $dbsock->connect();
$configxml = "/etc/ossim/server/config.xml";
$name = "Not found";
// Check server name
if (file_exists($configxml)) {
$lines = file($configxml);
foreach ($lines as $line) {
if (preg_match("/\\<server.*name=\"([^\"]+)\"/", $line, $found)) {
$name = $found[1];
}
}
}
// Search in DB for name
$sql = "SELECT * FROM server_role WHERE name=\"{$name}\"";
if (!($rs = $db->Execute($sql))) {
print $db->ErrorMsg();
} elseif (!$rs->EOF) {
// Found -> Update
$correlate = $rs->fields['correlate'] ? "yes" : "no";
$cross_correlate = $rs->fields['cross_correlate'] ? "yes" : "no";
$store = $rs->fields['store'] ? "yes" : "no";
$qualify = $rs->fields['qualify'] ? "yes" : "no";
$resend_alarm = $rs->fields['resend_alarm'] ? "yes" : "no";
$resend_event = $rs->fields['resend_event'] ? "yes" : "no";
$sign = $rs->fields['sign'] ? "yes" : "no";
$sem = $rs->fields['sem'] ? "yes" : "no";
$sim = $rs->fields['sim'] ? "yes" : "no";
$alarms_to_syslog = $rs->fields['alarms_to_syslog'] ? "yes" : "no";
require_once 'classes/Config.inc';
$conf = new Config();
$conf->update("server_correlate", $correlate);
$conf->update("server_cross_correlate", $cross_correlate);
$conf->update("server_store", $store);
$conf->update("server_qualify", $qualify);
$conf->update("server_forward_alarm", $resend_alarm);
$conf->update("server_forward_event", $resend_event);
$conf->update("server_sign", $sign);
$conf->update("server_sem", $sem);
$conf->update("server_sim", $sim);
$conf->update("server_alarms_to_syslog", $alarms_to_syslog);
}
exec("sudo /etc/init.d/ossim-server restart");
//
// Reload ACLS
//
$this->reload_acls();
return true;
}
示例3: get_report_uuid
function get_report_uuid()
{
require_once 'classes/Session.inc';
$uuid = Session::get_secure_id();
$url = null;
if (empty($uuid)) {
$db = new ossim_db();
$dbconn = $db->connect();
$user = Session::get_session_user();
$query = 'SELECT * FROM `users` WHERE login="' . $user . '"';
$result = $dbconn->Execute($query);
if (is_array($result->fields) && !empty($result->fields)) {
$pass = $result->fields["pass"];
$uuid = sha1($user . "#" . $pass);
} else {
$uuid = false;
}
}
return $uuid;
}
示例4: get_user_icon
function get_user_icon($login, $pro)
{
${$pixmaps} = '../pixmaps/user-green.png';
$db = new ossim_db();
$conn = $db->connect();
$user = Session::get_list($conn, "WHERE login='{$login}'");
if ($pro) {
// Pro-version
if ($login == ACL_DEFAULT_OSSIM_ADMIN || $user[0]->get_is_admin()) {
$pixmaps = '../pixmaps/user-gadmin.png';
} elseif (Acl::is_proadmin($conn, $user[0]->get_login())) {
$pixmaps = '../pixmaps/user-business.png';
}
} else {
// Open Source
if ($login == ACL_DEFAULT_OSSIM_ADMIN || $user[0]->get_is_admin()) {
$pixmaps = "../pixmaps/user-gadmin.png";
}
}
$db->close();
return $pixmaps;
}
示例5: SIEM_trends_week
function SIEM_trends_week($param = '')
{
global $tz;
$tzc = Util::get_tzc($tz);
$data = array();
$plugins = '';
$plugins_sql = '';
$db = new ossim_db(TRUE);
$dbconn = $db->connect();
$_asset_where = make_asset_filter();
$asset_where = $_asset_where[1];
$sensor_where = make_ctx_filter() . $asset_where;
$tax_join = '';
if (preg_match("/taxonomy\\=(.+)/", $param, $found)) {
if ($found[1] == 'honeypot') {
$tax_join = 'alienvault.plugin_sid p, ';
$tax_where = 'AND acid_event.plugin_id = p.plugin_id AND acid_event.plugin_sid = p.sid AND p.category_id = 19';
}
$param = '';
} elseif ($param == 'ossec%') {
$plugins_sql = 'AND acid_event.plugin_id between ' . OSSEC_MIN_PLUGIN_ID . ' AND ' . OSSEC_MAX_PLUGIN_ID;
$plugins = OSSEC_MIN_PLUGIN_ID . '-' . OSSEC_MAX_PLUGIN_ID;
}
$sqlgraph = "SELECT SUM(acid_event.cnt) as num_events, day(convert_tz(timestamp,'+00:00','{$tzc}')) AS intervalo, monthname(convert_tz(timestamp,'+00:00','{$tzc}')) AS suf \n FROM {$tax_join} alienvault_siem.ac_acid_event acid_event\n WHERE timestamp BETWEEN '" . gmdate("Y-m-d 00:00:00", gmdate("U") - 604800) . "' AND '" . gmdate("Y-m-d 23:59:59") . "' {$plugins_sql} {$sensor_where} {$tax_where} \n GROUP BY suf, intervalo \n ORDER BY suf, intervalo";
$rg = $dbconn->CacheExecute($sqlgraph);
if (!$rg) {
Av_exception::write_log(Av_exception::DB_ERROR, $dbconn->ErrorMsg());
} else {
while (!$rg->EOF) {
$hours = $rg->fields['intervalo'] . ' ' . substr($rg->fields['suf'], 0, 3);
$data[$hours] = $rg->fields['num_events'];
$rg->MoveNext();
}
}
$db->close();
return $param != '' ? array($data, $plugins) : $data;
}
示例6: get_user_icon
function get_user_icon($login, $pro)
{
require_once 'ossim_db.inc';
$db = new ossim_db();
$dbconn = $db->connect();
$user = Session::get_list($dbconn, "WHERE login='{$login}'");
if ($pro) {
// Pro-version
if ($login == ACL_DEFAULT_OSSIM_ADMIN || $user[0]->get_is_admin()) {
return "../pixmaps/user-gadmin.png";
} elseif (Acl::is_proadmin($dbconn, $user[0]->get_login())) {
return "../pixmaps/user-business.png";
} else {
return "../pixmaps/user-green.png";
}
} else {
// Opensource
if ($login == ACL_DEFAULT_OSSIM_ADMIN || $user[0]->get_is_admin()) {
return "../pixmaps/user-gadmin.png";
} else {
return "../pixmaps/user-green.png";
}
}
}
示例7: SIEM_trends_hids
function SIEM_trends_hids($agent_ip)
{
include_once '../panel/sensor_filter.php';
require_once 'classes/Plugin.inc';
require_once 'classes/Util.inc';
require_once 'ossim_db.inc';
$tz = Util::get_timezone();
$tzc = Util::get_tzc($tz);
$data = array();
$plugins = $plugins_sql = "";
$db = new ossim_db();
$dbconn = $db->connect();
$sensor_where = make_sensor_filter($dbconn);
// Ossec filter
$oss_p_id_name = Plugin::get_id_and_name($dbconn, "WHERE name LIKE 'ossec%'");
$plugins = implode(",", array_flip($oss_p_id_name));
$plugins_sql = "AND acid_event.plugin_id in ({$plugins})";
// Agent ip filter
$agent_where = make_sid_filter($dbconn, $agent_ip);
if ($agent_where == "") {
$agent_where = "0";
}
$sqlgraph = "SELECT COUNT(acid_event.sid) as num_events, day(convert_tz(timestamp,'+00:00','{$tzc}')) as intervalo, monthname(convert_tz(timestamp,'+00:00','{$tzc}')) as suf FROM snort.acid_event LEFT JOIN ossim.plugin ON acid_event.plugin_id=plugin.id WHERE sid in ({$agent_where}) AND timestamp BETWEEN '" . gmdate("Y-m-d 00:00:00", gmdate("U") - 604800) . "' AND '" . gmdate("Y-m-d 23:59:59") . "' {$plugins_sql} {$sensor_where} GROUP BY suf,intervalo ORDER BY suf,intervalo";
//print $sqlgraph;
if (!($rg =& $dbconn->Execute($sqlgraph))) {
return false;
} else {
while (!$rg->EOF) {
$hours = $rg->fields["intervalo"] . " " . substr($rg->fields["suf"], 0, 3);
$data[$hours] = $rg->fields["num_events"];
$rg->MoveNext();
}
}
$db->close($dbconn);
return $data;
}
示例8: import_assets_csv
function import_assets_csv($filename)
{
require_once 'classes/Util.inc';
$response = array();
$db = new ossim_db();
$conn = $db->connect();
if (($content = file($filename, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES)) == false) {
$response['file_errors'] = "Failed to read file";
$response['status'] = false;
return $response;
} else {
foreach ($content as $k => $v) {
$data[] = explode(";", $v);
}
}
$cont = 0;
ini_set('max_execution_time', 180);
ids_valid($data);
if (count($data) <= 0) {
$response['file_errors'] = _("Incompatible file format");
$response['status'] = false;
return $response;
}
$allowed_sensors = Session::allowedSensors();
if (!empty($allowed_sensors)) {
$my_allowed_sensors = explode(',', $allowed_sensors);
} else {
$response['file_errors'] = _("You need at least one sensor assigned");
$response['status'] = false;
return $response;
}
foreach ($data as $k => $v) {
$response['status'] = true;
$response['read_line'] = $cont;
$cont++;
if (count($v) != 8) {
$response['line_errors'][$cont][] = array("Line", _("Format not allowed"));
$response['status'] = false;
}
$param = array();
foreach ($v as $i => $field) {
$parameter = trim($field);
$pattern = '/^\\"|\\"$|^\'|\'$/';
$param[] = preg_replace($pattern, '', $parameter);
}
//IP
if (!ossim_valid($param[0], OSS_IP_ADDR, 'illegal:' . _("IP"))) {
$response['line_errors'][$cont][] = array("IP", ossim_get_error_clean());
$response['status'] = false;
}
//Hostname
if (empty($param[1])) {
$param[1] = $param[0];
} else {
if (!ossim_valid($param[1], OSS_SCORE, OSS_ALPHA, OSS_PUNC, 'illegal:' . _("Hostname"))) {
$response['line_errors'][$cont][] = array("Hostname", ossim_get_error_clean());
$response['status'] = false;
ossim_clean_error();
}
}
//FQDNs
if (!empty($param[2])) {
$fqdns_list = explode(",", $param[2]);
foreach ($fqdns_list as $k => $fqdn) {
if (!ossim_valid(trim($fqdn), OSS_NULLABLE, OSS_ALPHA, OSS_PUNC, 'illegal:' . _("FQDN/Aliases"))) {
$response['line_errors'][$cont][] = array("FQDN/Aliases", ossim_get_error_clean());
$response['status'] = false;
ossim_clean_error();
}
}
}
//Description
if (!ossim_valid($param[3], OSS_NULLABLE, OSS_SCORE, OSS_ALPHA, OSS_PUNC, OSS_AT, 'illegal:' . _("Description"))) {
$response['line_errors'][$cont][] = array("Description", ossim_get_error_clean());
$response['status'] = false;
ossim_clean_error();
}
//Asset
if ($param[4] == '') {
$param[4] = 2;
} else {
if (!ossim_valid($param[4], OSS_NULLABLE, OSS_DIGIT, 'illegal:' . _("Asset value"))) {
$response['line_errors'][$cont][] = array("Asset", ossim_get_error_clean());
$response['status'] = false;
ossim_clean_error();
}
}
//NAT
if (!ossim_valid($param[5], OSS_NULLABLE, OSS_IP_ADDR, 'illegal:' . _("NAT"))) {
$response['line_errors'][$cont][] = array("NAT", ossim_get_error_clean());
$response['status'] = false;
ossim_clean_error();
}
//Sensors
$sensors = array();
if (!empty($param[6])) {
$sensor_name = array();
$list = explode(",", $param[6]);
$sensors_list = array_intersect($list, $my_allowed_sensors);
if (!empty($sensors_list)) {
//.........这里部分代码省略.........
示例9: unset
*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA 02110-1301 USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'ossim_db.inc';
$db = new ossim_db();
$conn1 = $db->connect();
require 'general.php';
$htmlPdfReport->pageBreak();
$htmlPdfReport->setBookmark($title);
$htmlPdfReport->set($htmlPdfReport->newTitle($title, $date_from, $date_to, ''));
if (Session::menu_perms("analysis-menu", "EventsForensics")) {
$htmlPdfReport->set('<table class="w100" style="padding:15px 0px 0px 0px;" cellpadding="2" cellspacing="2">');
$list = $pdf->IncidentSummaryNoPDF($title, "Alarm", '', null, $args, null, $conn1, $user);
unset($list['TipoIncidente']);
$colors = array("red" => "px_red.png", "orange" => "px_orange.png", "green" => "px_green.png");
$c = 0;
$size = count($list);
if ($size > 0) {
$htmlPdfReport->set('
<tr>
<th style="width:30mm;" class="center">' . _("Date") . '</th>
示例10: DisplayProcessing
function DisplayProcessing()
{
global $self;
global $ListNOption;
global $TopNOption;
global $OutputFormatOption;
global $IPStatOption;
global $IPStatOrder;
global $LimitScale;
require_once 'av_init.php';
$geoloc = new Geolocation("/usr/share/geoip/GeoLiteCity.dat");
$db_aux = new ossim_db();
$conn_aux = $db_aux->connect();
$aux_ri_interfaces = Remote_interface::get_list($conn_aux, "WHERE status = 1");
$ri_list = $aux_ri_interfaces[0];
$ri_total = $aux_ri_interfaces[1];
$ri_data = array();
if ($ri_total > 0) {
foreach ($ri_list as $r_interface) {
$ri_data[] = array("name" => $r_interface->get_name(), "id" => "web_interfaces", "target" => "_blank", "url" => $r_interface->get_ip());
}
}
$type = $detail_opts['type'] == "flows" ? 0 : ($detail_opts['type'] == "packets" ? 1 : 2);
if ($ri_total >= 0) {
echo '<a name="processing"></a>';
}
$detail_opts = $_SESSION['detail_opts'];
$process_form = $_SESSION['process_form'];
?>
<table style='width:100%;margin-top:15px;margin-bottom:5px;border:none'><tr>
<td class='nobborder'><b><?php
echo _("Netflow Processing");
?>
</b></td>
<td class='noborder nfsen_menu'>
<a href='javascript:lastsessions()'><?php
echo _("List last 500 sessions");
?>
</a> |
<a href='javascript:launch("2","<?php
echo $type;
?>
")'><?php
echo _("Top 10 Src IPs");
?>
</a> |
<a href='javascript:launch("3","<?php
echo $type;
?>
")'><?php
echo _("Top 10 Dst IPs");
?>
</a> |
<a href='javascript:launch("5","<?php
echo $type;
?>
")'><?php
echo _("Top 10 Src Port");
?>
</a> |
<a href='javascript:launch("6","<?php
echo $type;
?>
")'><?php
echo _("Top 10 Dst Port");
?>
</a> |
<a href='javascript:launch("13","<?php
echo $type;
?>
")'><?php
echo _("Top 10 Proto");
?>
</a>
</td></tr></table>
<form action="<?php
echo $self;
?>
" onSubmit="return ValidateProcessForm()" id="FlowProcessingForm" method="POST" laction="<?php
echo $self;
?>
">
<?php
if (preg_match("/^\\d+\$/", $_SESSION['tend'])) {
?>
<input type="hidden" name="tend" value="<?php
echo intval($_SESSION['tend']);
?>
" />
<?php
}
if (preg_match("/^\\d+\$/", $_SESSION['tleft'])) {
?>
<input type="hidden" name="tleft" value="<?php
echo intval($_SESSION['tleft']);
?>
" />
<?php
//.........这里部分代码省略.........
示例11: query_inventory
function query_inventory($value)
{
require_once 'ossim_db.inc';
// Database Object
$db = new ossim_db();
$conn = $db->connect();
$date_from = $_SESSION['inventory_search']['date_from'] != "" ? $_SESSION['inventory_search']['date_from'] : "1700-01-01";
$date_to = $_SESSION['inventory_search']['date_to'] != "" ? $_SESSION['inventory_search']['date_to'] : "3000-01-01";
$value = str_replace("/", "\\/", $value);
$error = "";
$matches = array();
$ips = array();
// OS
$allips = array();
$sql = "SELECT DISTINCT ip FROM host_os";
if (!($rs =& $conn->Execute($sql))) {
$error = _("Error in Query: {$sql}");
} else {
while (!$rs->EOF) {
$allips[] = $rs->fields['ip'];
$rs->MoveNext();
}
}
foreach ($allips as $ip) {
/*
$anom0os = $anom1os = "";
$sql2 = "SELECT os FROM host_os WHERE os LIKE '%$value%' AND ip=$ip AND anom=0 AND date >= '$date_from' AND date <= '$date_to' ORDER BY date DESC LIMIT 1";
if (!$rs = & $conn->Execute($sql2, $params)) {
$error = _("Error in Query: $sql2");
} else {
while (!$rs->EOF) {
$anom0os = $rs->fields['os'];
$rs->MoveNext();
}
}
$sql2 = "SELECT os FROM host_os WHERE os LIKE '%$value%' AND ip=$ip AND anom=1 AND date >= '$date_from' AND date <= '$date_to' ORDER BY date DESC LIMIT 1";
if (!$rs = & $conn->Execute($sql2, $params)) {
$error = _("Error in Query: $sql2");
} else {
while (!$rs->EOF) {
$anom1os = $rs->fields['os'];
$rs->MoveNext();
}
}
if ($anom0os != "") $matches[$anom0os][] = long2ip($ip); // Add IP to list
elseif ($anom1os != "") $matches[$anom1os][] = long2ip($ip);
*/
$ret = Host_os::get_ip_data($conn, long2ip($ip));
$matches[$ret['os']][] = long2ip($ip);
}
// Services
$allips = array();
$sql = "SELECT DISTINCT ip FROM host_services";
if (!($rs =& $conn->Execute($sql))) {
$error = _("Error in Query: {$sql}");
} else {
while (!$rs->EOF) {
$allips[] = $rs->fields['ip'];
$rs->MoveNext();
}
}
foreach ($allips as $ip) {
$anom0serv = $anom1serv = "";
$sql2 = "SELECT service FROM host_services WHERE service LIKE '%{$value}%' AND ip={$ip} AND anom=0 AND date >= '{$date_from}' AND date <= '{$date_to}' ORDER BY date DESC LIMIT 1";
if (!($rs =& $conn->Execute($sql2, $params))) {
$error = _("Error in Query: {$sql2}");
} else {
while (!$rs->EOF) {
$anom0serv = $rs->fields['service'];
$rs->MoveNext();
}
//if ($ip == 3232235781) return array(1,"matches IP $anom0serv");
}
$sql2 = "SELECT service FROM host_services WHERE service LIKE '%{$value}%' AND ip={$ip} AND anom=1 ORDER BY date AND date >= '{$date_from}' AND date <= '{$date_to}' DESC LIMIT 1";
if (!($rs =& $conn->Execute($sql2, $params))) {
$error = _("Error in Query: {$sql2}");
} else {
while (!$rs->EOF) {
$anom1serv = $rs->fields['service'];
$rs->MoveNext();
}
}
if ($anom0serv != "") {
$matches[$anom0serv][] = long2ip($ip);
} elseif ($anom1serv != "") {
$matches[$anom1serv][] = long2ip($ip);
}
}
foreach ($matches as $os_service => $ips_arr) {
//echo "found $os_service<br>";
//return array(1,"matches ".implode(",",array_keys($matches)));
if (preg_match("/{$value}/i", $os_service)) {
$ips = $ips_arr;
}
}
if ($error != "") {
return array(1, $error);
} else {
return array(0, $ips);
}
//.........这里部分代码省略.........
示例12: get_report_data
function get_report_data($id = NULL)
{
$conf = $GLOBALS['CONF'];
$conf = !$conf ? new Ossim_conf() : $conf;
$y = strftime('%Y', time() - 24 * 60 * 60 * 30);
$m = strftime('%m', time() - 24 * 60 * 60 * 30);
$d = strftime('%d', time() - 24 * 60 * 60 * 30);
$reports['asset_report'] = array('report_name' => _('Asset Details'), 'report_id' => 'asset_report', 'type' => 'external', 'link_id' => 'link_ar_asset', 'link' => '', 'parameters' => array(array('name' => _('Host Name/IP/Network'), 'id' => 'ar_asset', 'type' => 'asset', 'default_value' => '')), 'access' => Session::menu_perms('environment-menu', 'PolicyHosts') || Session::menu_perms('environment-menu', 'PolicyNetworks'), 'send_by_email' => 0);
$status_values = array('All' => array('text' => _('All')), 'Open' => array('text' => _('Open')), 'Assigned' => array('text' => _('Assigned')), 'Studying' => array('text' => _('Studying')), 'Waiting' => array('text' => _('Waiting')), 'Testing' => array('text' => _('Testing')), 'Closed' => array('text' => _('Closed')));
$types_values = array('ALL' => array('text' => _('ALL')), 'Expansion Virus' => array('text' => _('Expansion Virus')), 'Corporative Nets Attack' => array('text' => _('Corporative Nets Attack')), 'Policy Violation' => array('text' => _('Policy Violation')), 'Security Weakness' => array('text' => _('Security Weakness')), 'Net Performance' => array('text' => _('Net Performance')), 'Applications and Systems Failures' => array('text' => _('Applications and Systems Failures')), 'Anomalies' => array('text' => _('Anomalies')), 'Vulnerability' => array('text' => _('Vulnerability')));
$priority_values = array('High' => _('High'), 'Medium' => _('Medium'), 'Low' => _('Low'));
$reports['tickets_report'] = array('report_name' => _('Tickets Report'), 'report_id' => 'tickets_report', 'type' => 'pdf', 'subreports' => array('title_page' => array('id' => 'title_page', 'name' => _('Title Page'), 'report_file' => 'os_reports/Common/titlepage.php'), 'alarm' => array('id' => 'alarm', 'name' => _('Alarm'), 'report_file' => 'os_reports/Tickets/Alarm.php'), 'event' => array('id' => 'event', 'name' => _('Event'), 'report_file' => 'os_reports/Tickets/Event.php'), 'anomaly' => array('id' => 'anomaly', 'name' => _('Anomaly'), 'report_file' => 'os_reports/Tickets/Anomaly.php'), 'vulnerability' => array('id' => 'vulnerability', 'name' => _('Vulnerability'), 'report_file' => 'os_reports/Tickets/Vulnerability.php')), 'parameters' => array(array('name' => _('Date Range'), 'date_from_id' => 'tr_date_from', 'date_to_id' => 'tr_date_to', 'type' => 'date_range', 'default_value' => array('date_from' => $y . '-' . $m . '-' . $d, 'date_to' => date('Y') . '-' . date('m') . '-' . date('d'))), array('name' => _('Status'), 'id' => 'tr_status', 'type' => 'select', 'values' => $status_values), array('name' => _('Type'), 'id' => 'tr_type', 'type' => 'select', 'values' => $types_values), array('name' => _('Priority'), 'id' => 'tr_priority', 'type' => 'checkbox', 'values' => $priority_values)), 'access' => Session::menu_perms('analysis-menu', 'IncidentsIncidents'), 'send_by_email' => 1);
$reports['alarm_report'] = array('report_name' => _('Alarms Report'), 'report_id' => 'alarm_report', 'type' => 'pdf', 'subreports' => array('title_page' => array('id' => 'title_page', 'name' => _('Title Page'), 'report_file' => 'os_reports/Common/titlepage.php'), 'top_attacker_host' => array('id' => 'top_attacker_host', 'name' => _('Top 10 Attacker Host'), 'report_file' => 'os_reports/Alarms/AttackerHosts.php'), 'top_attacked_host' => array('id' => 'top_attacked_host', 'name' => _('Top 10 Attacked Host'), 'report_file' => 'os_reports/Alarms/AttackedHosts.php'), 'used_port' => array('id' => 'used_port', 'name' => _('Top 10 Used Ports'), 'report_file' => 'os_reports/Alarms/UsedPorts.php'), 'top_events' => array('id' => 'top_events', 'name' => _('Top 15 Alarms'), 'report_file' => 'os_reports/Alarms/TopAlarms.php'), 'events_by_risk' => array('id' => 'events_by_risk', 'name' => _('Top 15 Alarms by Risk'), 'report_file' => 'os_reports/Alarms/TopAlarmsByRisk.php')), 'parameters' => array(array('name' => _('Date Range'), 'date_from_id' => 'ar_date_from', 'date_to_id' => 'ar_date_to', 'type' => 'date_range', 'default_value' => array('date_from' => $y . '-' . $m . '-' . $d, 'date_to' => date('Y') . '-' . date('m') . '-' . date('d')))), 'access' => Session::menu_perms('analysis-menu', 'ControlPanelAlarms'), 'send_by_email' => 1);
$reports['bc_pci_report'] = array('report_name' => _('Business & Compliance ISO PCI Report'), 'report_id' => 'bc_pci_report', 'type' => 'pdf', 'subreports' => array('title_page' => array('id' => 'title_page', 'name' => _('Title Page'), 'report_file' => 'os_reports/Common/titlepage.php'), 'threat_overview' => array('id' => 'threat_overview', 'name' => _('Threat overview'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/ThreatOverview.php'), 'bri_risks' => array('id' => 'bri_risks', 'name' => _('Business real impact risks'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/BusinessPotentialImpactsRisks.php'), 'ciap_impact' => array('id' => 'ciap_impact', 'name' => _('C.I.A Potential impact'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/CIAPotentialImpactsRisks.php'), 'pci_dss' => array('id' => 'pci_dss', 'name' => _('PCI-DSS 2.0'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/PCI-DSS.php'), 'pci_dss3' => array('id' => 'pci_dss3', 'name' => _('PCI-DSS 3.0'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/PCI-DSS3.php'), 'trends' => array('id' => 'trends', 'name' => _('Trends'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/Trends.php'), 'iso27002_p_impact' => array('id' => 'iso27002_p_impact', 'name' => _('ISO27002 Potential impact'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/ISO27002PotentialImpact.php'), 'iso27001' => array('id' => 'iso27001', 'name' => _('ISO27001'), 'report_file' => 'os_reports/BusinessAndComplianceISOPCI/ISO27001.php')), 'parameters' => array(array('name' => _('Date Range'), 'date_from_id' => 'bc_pci_date_from', 'date_to_id' => 'bc_pci_date_to', 'type' => 'date_range', 'default_value' => array('date_from' => $y . '-' . $m . '-' . $d, 'date_to' => date('Y') . '-' . date('m') . '-' . date('d')))), 'access' => Session::menu_perms('report-menu', 'ReportsReportServer'), 'send_by_email' => 1);
$reports['siem_report'] = array('report_name' => _('SIEM Events'), 'report_id' => 'siem_report', 'type' => 'pdf', 'subreports' => array('title_page' => array('id' => 'title_page', 'name' => _('Title Page'), 'report_file' => 'os_reports/Common/titlepage.php'), 'top_attacker_host' => array('id' => 'top_attacker_host', 'name' => _('Top 10 Attacker Host'), 'report_file' => 'os_reports/Siem/AttackerHosts.php'), 'top_attacked_host' => array('id' => 'top_attacked_host', 'name' => _('Top 10 Attacked Host'), 'report_file' => 'os_reports/Siem/AttackedHosts.php'), 'used_port' => array('id' => 'used_port', 'name' => _('Top 10 Used Ports'), 'report_file' => 'os_reports/Siem/UsedPorts.php'), 'top_events' => array('id' => 'top_events', 'name' => _('Top 15 Events'), 'report_file' => 'os_reports/Siem/TopEvents.php'), 'events_by_risk' => array('id' => 'events_by_risk', 'name' => _('Top 15 Events by Risk'), 'report_file' => 'os_reports/Siem/TopEventsByRisk.php')), 'parameters' => array(array('name' => _('Date Range'), 'date_from_id' => 'sr_date_from', 'date_to_id' => 'sr_date_to', 'type' => 'date_range', 'default_value' => array('date_from' => $y . '-' . $m . '-' . $d, 'date_to' => date('Y') . '-' . date('m') . '-' . date('d')))), 'access' => Session::menu_perms('analysis-menu', 'EventsForensics'), 'send_by_email' => 1);
$reports['vulnerabilities_report'] = array('report_name' => _('Vulnerabilities Report'), 'report_id' => 'vulnerabilities_report', 'type' => 'external', 'target' => '_blank', 'link_id' => 'link_vr', 'link' => Menu::get_menu_url('../vulnmeter/lr_respdf.php?ipl=all&scantype=M', 'environment', 'vulnerabilities', 'overview'), 'access' => Session::menu_perms('analysis-menu', 'EventsVulnerabilities'), 'send_by_email' => 0);
$reports['th_vuln_db'] = array('report_name' => _('Threats & Vulnerabilities Database'), 'report_id' => 'th_vuln_db', 'type' => 'external', 'link_id' => 'link_tvd', 'link' => Menu::get_menu_url('../vulnmeter/threats-db.php', 'environment', 'vulnerabilities', 'threat_database'), 'access' => Session::menu_perms('analysis-menu', 'EventsVulnerabilities'), 'send_by_email' => 0);
$reports['ticket_status'] = array('report_name' => _('Tickets Status'), 'report_id' => 'ticket_status', 'type' => 'external', 'link_id' => 'link_tr', 'link' => Menu::get_menu_url('../report/incidentreport.php', 'analysis', 'tickets', 'tickets'), 'access' => Session::menu_perms('analysis-menu', 'IncidentsIncidents'), 'send_by_email' => 0);
$db = new ossim_db();
$conn = $db->connect();
$user = Session::get_session_user();
$session_list = Session::get_list($conn, 'ORDER BY login');
if (preg_match('/pro|demo/', $conf->get_conf('ossim_server_version')) && !Session::am_i_admin()) {
$myusers = Acl::get_my_users($conn, Session::get_session_user());
if (count($myusers) > 0) {
$is_pro_admin = 1;
}
}
// User Log lists
if (Session::am_i_admin()) {
$user_values[''] = array('text' => _('All'));
if ($session_list) {
foreach ($session_list as $session) {
$login = $session->get_login();
$user_values[$login] = $login == $user ? array('text' => $login, 'selected' => TRUE) : array('text' => $login);
}
}
} elseif ($is_pro_admin) {
foreach ($myusers as $myuser) {
$user_values[$myuser['login']] = array('text' => $myuser['login']);
$user_values[$user] = array('text' => $user, 'selected' => TRUE);
}
} else {
$user_values[$user] = array('text' => $user);
}
$code_list = Log_config::get_list($conn, 'ORDER BY descr');
$action_values[''] = array('text' => _('All'));
if ($code_list) {
foreach ($code_list as $code_log) {
$code_aux = $code_log->get_code();
$action_values[$code_aux] = array('text' => '[' . sprintf("%02d", $code_aux) . '] ' . _(preg_replace('|%.*?%|', " ", $code_log->get_descr())));
}
}
$reports['user_activity'] = array('report_name' => _('User Activity Report'), 'report_id' => 'user_activity', 'type' => 'external', 'link_id' => 'link_ua', 'link' => Menu::get_menu_url('../userlog/user_action_log.php', 'settings', 'settings', 'user_activity'), 'parameters' => array(array('name' => _('User'), 'id' => 'ua_user', 'type' => 'select', 'values' => $user_values), array('name' => _('Action'), 'id' => 'ua_action', 'type' => 'select', 'values' => $action_values)), 'access' => Session::menu_perms('settings-menu', 'ToolsUserLog'), 'send_by_email' => 0);
$reports['geographic_report'] = array('report_name' => _('Geographic Report'), 'report_id' => 'geographic_report', 'type' => 'pdf', 'subreports' => array('title_page' => array('id' => 'title_page', 'name' => _('Title Page'), 'report_file' => 'os_reports/Common/titlepage.php'), 'geographic_report' => array('id' => 'geographic_report', 'name' => _('Geographic Report'), 'report_file' => 'os_reports/Various/Geographic.php')), 'parameters' => array(array('name' => _('Date Range'), 'date_from_id' => 'gr_date_from', 'date_to_id' => 'gr_date_to', 'type' => 'date_range', 'default_value' => array('date_from' => $y . '-' . $m . '-' . $d, 'date_to' => date('Y') . '-' . date('m') . '-' . date('d')))), 'access' => Session::menu_perms('analysis-menu', 'EventsForensics'), 'send_by_email' => 1);
//Sensor list
$sensor_values[''] = array('text' => ' -- ' . _('Sensors no found') . ' -- ');
$filters = array('order_by' => 'name');
$sensor_list = Av_sensor::get_basic_list($conn, $filters);
$filters = array('order_by' => 'priority desc');
list($sensor_list, $sensor_total) = Av_sensor::get_list($conn, $filters);
if ($sensor_total > 0) {
$sensor_values = array();
foreach ($sensor_list as $s) {
$properties = $s['properties'];
if ($properties['has_nagios']) {
$sensor_values[$s['ip']] = array('text' => $s['name']);
}
}
}
/* Nagios link */
$nagios_link = $conf->get_conf('nagios_link');
$scheme = empty($_SERVER['HTTPS']) ? 'http://' : 'https://';
$path = !empty($nagios_link) ? $nagios_link : '/nagios3/';
$port = !empty($_SERVER['SERVER_PORT']) ? ':' . $_SERVER['SERVER_PORT'] : "";
$nagios = $port . $path;
$section_values = array(urlencode($nagios . 'cgi-bin/trends.cgi') => array('text' => _('Trends')), urlencode($nagios . 'cgi-bin/avail.cgi') => array('text' => _('Availability')), urlencode($nagios . 'cgi-bin/histogram.cgi') => array('text' => _('Event Histogram')), urlencode($nagios . 'cgi-bin/history.cgi?host=all') => array('text' => _('Event History')), urlencode($nagios . 'cgi-bin/summary.cgi') => array('text' => _('Event Summary')), urlencode($nagios . 'cgi-bin/notifications.cgi') => array('text' => _('Notifications')), urlencode($nagios . 'cgi-bin/showlog.cgi') => array('text' => _('Performance Info')));
$reports['availability_report'] = array('report_name' => _('Availability Report'), 'report_id' => 'availability_report', 'type' => 'external', 'link_id' => 'link_avr', 'click' => "nagios_link('avr_nagios_link', 'avr_sensor', 'avr_section');", 'parameters' => array(array('name' => _('Sensor'), 'id' => 'avr_sensor', 'type' => 'select', 'values' => $sensor_values), array('name' => 'Nagioslink', 'id' => 'avr_nagios_link', 'type' => 'hidden', 'default_value' => urlencode($scheme)), array('name' => _('Section'), 'id' => 'avr_section', 'type' => 'select', 'values' => $section_values)), 'access' => Session::menu_perms('environment-menu', 'MonitorsAvailability'), 'send_by_email' => 0);
$db->close();
if ($id == NULL) {
ksort($reports);
return $reports;
} else {
return !empty($reports[$id]) ? $reports[$id] : array();
}
}
示例13: array
function end_upgrade($logfile)
{
$conn = new ossim_db();
$db = $conn->connect();
//
// PROPERTIES
//
$properties = array();
$db->StartTrans();
$rs = $db->Execute("SELECT hex(host_id) as id,property_ref,last_modified,source_id,value,extra,tzone FROM alienvault.host_properties WHERE property_ref>0");
while (!$rs->EOF) {
$properties[] = $rs->fields;
$rs->MoveNext();
}
$db->Execute("DELETE FROM alienvault.host_properties");
@file_put_contents($logfile, $db->ErrorMsg(), FILE_APPEND);
foreach ($properties as $prop) {
$values = json_decode($prop['value'], true);
$sql = "INSERT IGNORE INTO alienvault.host_properties (host_id, property_ref, last_modified, source_id, value, extra, tzone) VALUES (UNHEX(?), ? ,? ,? ,? ,? ,?)";
if (json_last_error() === JSON_ERROR_NONE && is_array($values)) {
foreach ($values as $value) {
if ($prop['property_ref'] == 3) {
$value = preg_replace("/\\b(\\w+)\\s+\\1\\b/i", "\$1", preg_replace("/(.*?):(.*)/", "\$1 \$2", $value));
} elseif ($prop['property_ref'] == 8) {
$value = preg_replace("/\\|/", "@", $value);
}
$params = array($prop['id'], $prop['property_ref'], $prop['last_modified'], $prop['source_id'], $value, $prop['extra'], $prop['tzone']);
$db->Execute($sql, $params);
@file_put_contents($logfile, $db->ErrorMsg(), FILE_APPEND);
if ($prop['property_ref'] == 3) {
break;
// Only the first OS
}
}
} else {
if ($prop['property_ref'] == 3) {
$prop['value'] = preg_replace("/\\b(\\w+)\\s+\\1\\b/i", "\$1", preg_replace("/(.*?):(.*)/", "\$1 \$2", $prop['value']));
} elseif ($prop['property_ref'] == 8) {
$prop['value'] = preg_replace("/\\|/", "@", $prop['value']);
}
$params = array($prop['id'], $prop['property_ref'], $prop['last_modified'], $prop['source_id'], $prop['value'], $prop['extra'], $prop['tzone']);
$db->Execute($sql, $params);
@file_put_contents($logfile, $db->ErrorMsg(), FILE_APPEND);
}
}
if (!$db->CompleteTrans()) {
@file_put_contents($logfile, $db->ErrorMsg(), FILE_APPEND);
return 1;
}
$db->Execute("DELETE FROM alienvault.host_properties WHERE value like 'unknown%'");
@file_put_contents($logfile, $db->ErrorMsg(), FILE_APPEND);
// HOST SOFTWARE CPE
$cpes = array();
$db->StartTrans();
$rs = $db->Execute("SELECT DISTINCT cpe FROM host_software");
while (!$rs->EOF) {
$cpes[] = $rs->fields['cpe'];
$rs->MoveNext();
}
foreach ($cpes as $cpe) {
$params = array(Asset_host_software::get_software_name_by_cpe($db, $cpe), $cpe);
$db->Execute("UPDATE host_software SET banner=? WHERE cpe=?", $params);
@file_put_contents($logfile, $db->ErrorMsg(), FILE_APPEND);
}
if (!$db->CompleteTrans()) {
@file_put_contents($logfile, $db->ErrorMsg(), FILE_APPEND);
return 1;
}
//
// VULN_JOB_ASSET
//
$jobs = array();
$db->StartTrans();
$rs = $db->Execute("SELECT id,meth_TARGET FROM alienvault.vuln_job_schedule");
while (!$rs->EOF) {
$jobs[] = array('id' => $rs->fields['id'], 'targets' => explode("\n", $rs->fields['meth_TARGET']));
$rs->MoveNext();
}
foreach ($jobs as $job) {
$db->Execute("DELETE FROM alienvault.vuln_job_assets WHERE job_id=? AND job_type=0", array($job['id']));
@file_put_contents($logfile, $db->ErrorMsg(), FILE_APPEND);
foreach ($job['targets'] as $target) {
if (preg_match("/(.*)#(.*)/", $target, $matches)) {
// ADD ASSET_ID
$sql = "INSERT IGNORE INTO alienvault.vuln_job_assets (job_id, job_type, asset_id) VALUES (?, 0, UNHEX(?))";
$params = array($job['id'], $matches[1]);
$db->Execute($sql, $params);
@file_put_contents($logfile, $db->ErrorMsg(), FILE_APPEND);
if (preg_match("/\\/\\d+/", $matches[2])) {
// NETWORK MEMBERS
$sql = "INSERT IGNORE INTO alienvault.vuln_job_assets (job_id, job_type, asset_id) SELECT ?, 0, host_id FROM host_net_reference WHERE net_id=UNHEX(?)";
$params = array($job['id'], $matches[1]);
$db->Execute($sql, $params);
@file_put_contents($logfile, $db->ErrorMsg(), FILE_APPEND);
}
}
}
}
if (!$db->CompleteTrans()) {
@file_put_contents($logfile, $db->ErrorMsg(), FILE_APPEND);
//.........这里部分代码省略.........
示例14: usleep
if ($mode == 'init') {
?>
<script type="text/javascript">
parent.$("#pbar").progressBar(0);
</script>
<?php
} else {
?>
<script type="text/javascript">
parent.$("#pbar").progressBar();
</script>
<?php
}
// Get networks and already hosts
$db = new ossim_db();
$conn_aux = $db->connect();
list($nets, $total) = Asset_net::get_list($conn_aux);
$i = 1;
// Search new hosts by networks
foreach ($nets as $net) {
session_write_close();
usleep(500000);
ob_flush();
?>
<script type="text/javascript">
parent.$("#pbar").progressBar(<?php
echo floor($i * 100 / $total);
?>
);
示例15: PrintPredefinedViews
function PrintPredefinedViews()
{
global $opensource;
$current_str = $_SESSION['current_cview'] != "default" && $_SESSION['current_cview'] != "" ? Util::htmlentities($_SESSION['current_cview']) : _("Default");
// Get default view
require_once "ossim_conf.inc";
$conf = $GLOBALS["CONF"];
$idm_enabled = $conf->get_conf("enable_idm") == 1 && Session::is_pro() ? true : false;
$login = Session::get_session_user();
$db_aux = new ossim_db(true);
$conn_aux = $db_aux->connect();
$config = new User_config($conn_aux);
$default_view = $config->get($login, 'custom_view_default', 'php', "siem") != "" ? $config->get($login, 'custom_view_default', 'php', "siem") : ($idm_enabled ? 'IDM' : 'default');
$db_aux->close($conn_aux);
?>
<button id="views_link" class="button av_b_secondary">
<?php
echo _('Change View');
?>
▾
</button>
<div id="custom_views" class="dropdown dropdown-secondary dropdown-close dropdown-tip dropdown-anchor-right dropdown-scrolling" style='display:none'>
<ul id="custom_views_ul" class="dropdown-menu">
<?php
if (Session::am_i_admin()) {
?>
<li><a href="#" onclick="GB_show('<?php
echo _("Edit Current View");
?>
','/forensics/custom_view_edit.php?edit=1',480,700);$('#custom_views').hide();return false"><?php
echo _("Edit Current View");
?>
</a></li>
<li><a href="#" onclick="GB_show('<?php
echo _("Create new custom view");
?>
','/forensics/custom_view_edit.php',480,700);$('#custom_views').hide();return false"><?php
echo _("Create New View");
?>
</a></li>
<?php
}
foreach ($_SESSION['views'] as $name => $attr) {
$dname = $name == "default" ? "Default" : $name;
$selected = $_SESSION['current_cview'] == $name ? "► " : "";
?>
<li><a href="#" onclick="change_view('<?php
echo Util::htmlentities($name);
?>
');$('#custom_views').hide()"><?php
echo $selected . Util::htmlentities($dname);
?>
</a></li>
<?php
}
?>
</ul>
</div>
<?php
}