Ossim Source Code of Event.inc

Source: Internet
Author: User
Tags ossim

<?php

Require_once ("Ossim_db.inc");

Class Event {

var $id;
var $timestamp;
var $sensor;
var $interface;
var $type;
var $plugin _id;
var $plugin _sid;
var $protocol;
var $src _ip;
var $dst _ip;
var $src _port;
var $dst _port;
var $condition;
var $value;
var $time _interval;
var $absolute;
var $priority;
var $reliability;
var $asset _src;
var $asset _dst;
var $risk _c;
var $risk _a;
var $asset _src;
var $asset _dst;
var $snort _sid;
var $snort _cid;
var $alarm;

function Event ($id, $timestamp, $sensor, $interface, $type,
$plugin _id, $plugin _sid, $protocol, $src _ip, $dst _ip,
$src _port, $dst _port, $condition, $value, $time _interval,
$absolute, $priority, $reliability, $risk _c, $risk _a,
$asset _src, $asset _dst, $snort _sid, $snort _cid, $alarm)
{
$this->id = $id;
$this->timestamp = $timestamp;
$this->sensor = $sensor;
$this->interface = $interface;
$this->type = $type;
$this->plugin_id = $plugin _id;
$this->plugin_sid = $plugin _sid;
$this->protocol = $protocol;
$this->src_ip = $src _ip;
$this->dst_ip = $dst _ip;
$this->src_port = $src _port;
$this->dst_port = $dst _port;
$this->condition = $condition;
$this->value = $value;
$this->time_interval = $time _interval;
$this->absolute = $absolute;
$this->priority = $priority;
$this->reliability = $reliability;
$this->risk_c = $risk _c;
$this->risk_a = $risk _a;
$this->asset_src = $asset _src;
$this->asset_dst = $asset _dst;
$this->snort_sid = $snort _sid;
$this->snort_cid = $snort _cid;
$this->alarm = $alarm;
}

function get_id () {return $this->id; }
function Get_timestamp () {return $this->timestamp; }
function Get_sensor () {return $this->sensor; }
function Get_interface () {return $this->interface; }
function Get_type () {return $this->type; }
function get_plugin_id () {return $this->plugin_id; }
function Get_plugin_sid () {return $this->plugin_sid; }
function Get_protocol () {return $this->protocol; }
function Get_src_ip () {return $this->src_ip; }
function Get_dst_ip () {return $this->dst_ip; }
function Get_src_port () {return $this->src_port; }
function Get_dst_port () {return $this->dst_port; }
function Get_condition () {return $this->condition; }
function Get_value () {return $this->value; }
function Get_time_interval () {return $this->time_interval; }
function Get_absolute () {return $this->absolute; }
function get_priority () {return $this->priority; }
function get_reliability () {return $this->reliability; }
function Get_risk_c () {return $this->risk_c; }
function Get_risk_a () {return $this->risk_a; }
function Get_asset_src () {return $this->asset_src; }
function Get_asset_dst () {return $this->asset_dst; }
function Get_snort_sid () {return $this->snort_sid; }
function Get_snort_cid () {return $this->snort_cid; }
function Alarm () {return $this->alarm; }

function get_count ($conn, $where = "")
{
$query = Ossimquery ("SELECT count (*) from event $where");
if (! $rs = & $conn->execute ($query)) {
Print $conn->errormsg ();
} else {
return $rs->fields["Count (*)"];
}
}

function Get_list ($conn, $args = "", $inf = 0, $sup = 25)
{
$i = 0;

$query = Ossimquery ("SELECT *, Inet_ntoa (SRC_IP), Inet_ntoa (DST_IP)
From event $args ");
if (! $rs = & $conn->execute ($query)) {
Print $conn->errormsg ();
} else {
$list = Array ();
while (! $rs->eof) {
if ($i + + >= $inf) && ($inf + + <= $sup)) {
$list [] = new Event ($rs->fields["id"],
$rs->fields["Timestamp"],
$rs->fields["sensor"],
$rs->fields["Interface"],
$rs->fields["type"],
$rs->fields["plugin_id"],
$rs->fields["Plugin_sid"],
$rs->fields["Protocol"],
$rs->fields["Inet_ntoa (SRC_IP)"],
$rs->fields["Inet_ntoa (DST_IP)"],
$rs->fields["Src_port"],
$rs->fields["Dst_port"],
$rs->fields["condition"],
$rs->fields["value"],
$rs->fields["Time_interval"],
$rs->fields["Absolute"],
$rs->fields["Priority"],
$rs->fields["Reliability"],
$rs->fields["Risk_c"],
$rs->fields["Risk_a"],
$rs->fields["Asset_src"],
$rs->fields["ASSET_DST"],
$rs->fields["Snort_sid"],
$rs->fields["Snort_cid"],
$rs->fields["alarm"]);
} elseif ($inf > $sup) {
Break
}
$rs->movenext ();
}
}
return $list;
}

function Delete ($conn, $id)
{
if (!strcmp ($id, "all")) {
$sql = "DELETE from event";
$params = Array ();
} else {
$sql = "DELETE from event WHERE id =?";
$params = Array ($id);
}
if ($conn->execute ($sql, $params) = = = = False) {
print ' ERROR deleting: '. $conn->errormsg (). ' <BR> ';
}
}

}


?>

This article from "Lee Chenguang original Technology blog" blog, declined reprint!

Ossim Source Code of Event.inc

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.