|
1 | 1 | <?php
|
2 |
| - |
3 |
| -/* |
4 |
| - This program is free software: you can redistribute it and/or modify |
5 |
| - it under the terms of the GNU General Public License as published by |
6 |
| - the Free Software Foundation, either version 3 of the License, or |
7 |
| - (at your option) any later version. |
8 |
| -
|
9 |
| - This program is distributed in the hope that it will be useful, |
10 |
| - but WITHOUT ANY WARRANTY; without even the implied warranty of |
11 |
| - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
12 |
| - GNU General Public License for more details. |
13 |
| -
|
14 |
| - You should have received a copy of the GNU General Public License |
15 |
| - along with this program. If not, see <http://www.gnu.org/licenses/>. |
16 |
| -*/ |
17 |
| - |
18 | 2 | session_start();
|
19 | 3 | if (isset($_SESSION['dest']) && !empty($_SESSION['dest'])) {
|
20 | 4 | ob_start();
|
21 |
| - //$data = fopen("tmp/{$_SESSION['dest']}/eve.json", "r"); |
22 | 5 | $data = fopen("tmp/{$_SESSION['dest']}/{$_SESSION['file']}", "r");
|
23 |
| - unset($data[count($data)-1]);//Exclude last JSON data |
| 6 | + unset($data[count($data)-1]); // Exclude last JSON data |
24 | 7 | echo "<html>
|
25 |
| - <head> |
26 |
| - <title>Suricata Log Analyzer - Result</title> |
27 |
| - <style type='text/css'> |
28 |
| - html { |
29 |
| - text-align: center; |
30 |
| - } |
31 |
| - body{ |
32 |
| - font-family:Lucida Console, Monotype, Tahoma, Verdana; |
33 |
| - font-size:12px; |
34 |
| - margin:40px;padding:0; |
35 |
| - } |
36 |
| - body,td,th { |
37 |
| - font-family: Verdana, Arial, Helvetica, sans-serif; |
38 |
| - font-size: 12px; |
39 |
| - } |
40 |
| - a:link { |
41 |
| - text-decoration: none; |
42 |
| - color: #0000FF; |
43 |
| - } |
44 |
| - a:visited { |
45 |
| - text-decoration: none; |
46 |
| - color: #0000FF; |
47 |
| - } |
48 |
| - a:hover { |
49 |
| - text-decoration: underline; |
50 |
| - color: #0000FF; |
51 |
| - } |
52 |
| - a:active { |
53 |
| - text-decoration: none; |
54 |
| - color: #0000FF; |
55 |
| - } |
56 |
| - table { |
57 |
| - table-layout: fixed; |
58 |
| - } |
59 |
| -
|
60 |
| - th { |
61 |
| - font-family: Arial, Helvetica, sans-serif; |
62 |
| - font-size: .8em; |
63 |
| - } |
64 |
| -
|
65 |
| - td { |
66 |
| - font-family: Arial, Helvetica, sans-serif; |
67 |
| - font-size: .8em; |
68 |
| - border: 1px solid #DDD; |
69 |
| - word-wrap: break-word; |
70 |
| - } |
71 |
| - </style> |
72 |
| - </head> |
73 |
| - <body> |
74 |
| - <h1 align='center'>Log Analysis Result - {$_SESSION['file']}</h1><hr><br> |
75 |
| - <table width='90%' valign='top' align='center'> |
76 |
| - <tr> |
77 |
| - <th width='220px'>Timestamp</th> |
78 |
| - <th width='150px'>Src IP</th> |
79 |
| - <th width='60px'>Src Port</th> |
80 |
| - <th width='150px'>Dest IP</th> |
81 |
| - <th width='60px'>Dest Port</th> |
82 |
| - <th width='360px'>Event Name</th> |
83 |
| - <th width='260px'>Hostname</th> |
84 |
| - <th width='360px'>URL</th> |
85 |
| - </tr> |
86 |
| - </body> |
87 |
| - </html>"; |
| 8 | + <head> |
| 9 | + <title>Suricata Log Parser - Result</title> |
| 10 | + <style type='text/css'> |
| 11 | + html { |
| 12 | + text-align: center; |
| 13 | + } |
| 14 | + body { |
| 15 | + font-family:Lucida Console, Monotype, Tahoma, Verdana; |
| 16 | + font-size:12px; |
| 17 | + margin:40px;padding:0; |
| 18 | + } |
| 19 | + body,td,th { |
| 20 | + font-family: Verdana, Arial, Helvetica, sans-serif; |
| 21 | + font-size: 12px; |
| 22 | + } |
| 23 | + a:link, a:visited, a:hover, a:active { |
| 24 | + text-decoration: none; |
| 25 | + color: #0000FF; |
| 26 | + } |
| 27 | + table { |
| 28 | + table-layout: fixed; |
| 29 | + } |
| 30 | + th { |
| 31 | + font-family: Arial, Helvetica, sans-serif; |
| 32 | + font-size: .8em; |
| 33 | + } |
| 34 | + td { |
| 35 | + font-family: Arial, Helvetica, sans-serif; |
| 36 | + font-size: .8em; |
| 37 | + border: 1px solid #DDD; |
| 38 | + word-wrap: break-word; |
| 39 | + } |
| 40 | + </style> |
| 41 | + </head> |
| 42 | + <body> |
| 43 | + <h1 align='center'>Log Analysis Result - {$_SESSION['file']}</h1> |
| 44 | + <hr> |
| 45 | + <br> |
| 46 | + <table width='90%' valign='top' align='center'> |
| 47 | + <tr> |
| 48 | + <th width='220px'>Timestamp</th> |
| 49 | + <th width='150px'>Src IP</th> |
| 50 | + <th width='60px'>Src Port</th> |
| 51 | + <th width='150px'>Dest IP</th> |
| 52 | + <th width='60px'>Dest Port</th> |
| 53 | + <th width='360px'>Event Name</th> |
| 54 | + <th width='260px'>Hostname</th> |
| 55 | + <th width='360px'>URL</th> |
| 56 | + </tr>"; |
88 | 57 | while ($line = fgets($data)) {
|
89 | 58 | $array = json_decode($line, true);
|
90 | 59 | $time = $array['timestamp'];
|
91 | 60 | $date = strtotime($time);
|
92 | 61 | $fixed = date('l, F d Y g:iA', $date);
|
93 | 62 | if (isset($array['alert']['signature']) && !empty($array['alert']['signature'])) {
|
94 | 63 | echo "<table width='90%' valign='top' align='center'>
|
95 |
| - <tr bgcolor = '#A9D0F5'> |
96 |
| - <td width='220px'>" . $fixed . "</td> |
97 |
| - <td width='150px'>" . $array['src_ip'] . "</td> |
98 |
| - <td width='50px'>" . $array['src_port'] . "</td> |
99 |
| - <td width='150px'>" . $array['dest_ip'] . "</td> |
100 |
| - <td width='50px'>" . $array['dest_port'] . "</td> |
101 |
| - <td width='360px'>" . $array['alert']['signature'] . "</td> |
102 |
| - <td width='260px' align='center'> - </td> |
103 |
| - <td width='360px' align='center'> - </td> |
104 |
| - </tr></table>"; |
| 64 | + <tr bgcolor='#A9D0F5'> |
| 65 | + <td width='220px'>" . $fixed . "</td> |
| 66 | + <td width='150px'>" . $array['src_ip'] . "</td> |
| 67 | + <td width='50px'>" . $array['src_port'] . "</td> |
| 68 | + <td width='150px'>" . $array['dest_ip'] . "</td> |
| 69 | + <td width='50px'>" . $array['dest_port'] . "</td> |
| 70 | + <td width='360px'>" . $array['alert']['signature'] . "</td> |
| 71 | + <td width='260px' align='center'> - </td> |
| 72 | + <td width='360px' align='center'> - </td> |
| 73 | + </tr> |
| 74 | + </table>"; |
105 | 75 | }
|
106 | 76 | if (isset($array['http']['hostname']) && !empty($array['http']['hostname'])) {
|
107 | 77 | echo "<table width='90%' valign='top' align='center'>
|
108 |
| - <tr bgcolor = '#A9D0F5'> |
109 |
| - <td width='220px'>" . $fixed . "</td> |
110 |
| - <td width='150px'>" . $array['src_ip'] . "</td> |
111 |
| - <td width='50px'>" . $array['src_port'] . "</td> |
112 |
| - <td width='150px'>" . $array['dest_ip'] . "</td> |
113 |
| - <td width='50px'>" . $array['dest_port'] . "</td> |
114 |
| - <td width='360px' align='center'> - </td> |
115 |
| - <td width='260px'>" . $array['http']['hostname'] . "</td> |
116 |
| - <td width='360px'>" . $array['http']['url'] . "</td> |
117 |
| - </tr></table>"; |
| 78 | + <tr bgcolor='#A9D0F5'> |
| 79 | + <td width='220px'>" . $fixed . "</td> |
| 80 | + <td width='150px'>" . $array['src_ip'] . "</td> |
| 81 | + <td width='50px'>" . $array['src_port'] . "</td> |
| 82 | + <td width='150px'>" . $array['dest_ip'] . "</td> |
| 83 | + <td width='50px'>" . $array['dest_port'] . "</td> |
| 84 | + <td width='360px' align='center'> - </td> |
| 85 | + <td width='260px'>" . $array['http']['hostname'] . "</td> |
| 86 | + <td width='360px'>" . $array['http']['url'] . "</td> |
| 87 | + </tr> |
| 88 | + </table>"; |
118 | 89 | }
|
119 | 90 | }
|
120 | 91 | echo "<br><br>";
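Review bot: `unset($data[count($data)-1]);` on new line 6 is applied to the stream resource returned by `fopen()` on line 5, not to an array, so on PHP 8 `count()` throws a TypeError before any output is produced (PHP 7 only warns and returns 1) and the intended "exclude last JSON data" never happens — the `while ($line = fgets($data))` loop on line 57 reads every line regardless. The row echoes in the two `if` blocks (new lines 63–88) interpolate `src_ip`, `src_port`, `dest_ip`, `dest_port`, `alert.signature`, `http.hostname` and `http.url` straight into HTML; those fields are recorded from observed traffic, so a hostname or URL containing markup renders as stored XSS in the analyst's browser and each value (and `$_SESSION['file']` in the `<h1>` on line 43) should go through `htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. `fopen()` and `json_decode()` results are unchecked, so an unreadable file or a blank/malformed line yields warnings and `null` dereferences rather than a clear error, and if `$_SESSION['file']` originates from a user-supplied filename (it is set outside this file, so I cannot confirm) the path on line 5 should be confined with `basename()`. The `if (isset($_SESSION['dest']) ...)` block opened on line 3 is not closed within the hunk.
```php
$path = "tmp/{$_SESSION['dest']}/" . basename($_SESSION['file']);
$data = fopen($path, 'r');
if ($data === false) {
    exit('Unable to open log file.');
}
// Escape every log-derived value once; these fields come from observed traffic.
$h = static fn ($v): string => htmlspecialchars((string) $v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
// … unchanged: <html>/<head>/<style>/table-header echo (use {$h($_SESSION['file'])} in the <h1>) …
while (($line = fgets($data)) !== false) {
    $array = json_decode($line, true);
    if (!is_array($array) || !isset($array['timestamp'])) {
        continue; // skip blank or malformed lines instead of dereferencing null
    }
    $fixed = date('l, F d Y g:iA', strtotime($array['timestamp']));
    if (!empty($array['alert']['signature'])) {
        echo "<table width='90%' valign='top' align='center'>
            <tr bgcolor='#A9D0F5'>
            <td width='220px'>" . $h($fixed) . "</td>
            <td width='150px'>" . $h($array['src_ip'] ?? '') . "</td>
            <td width='50px'>" . $h($array['src_port'] ?? '') . "</td>
            <td width='150px'>" . $h($array['dest_ip'] ?? '') . "</td>
            <td width='50px'>" . $h($array['dest_port'] ?? '') . "</td>
            <td width='360px'>" . $h($array['alert']['signature']) . "</td>
            // … unchanged: placeholder cells and closing tags …
    }
    // … unchanged: http.hostname / http.url row, escaped the same way with $h(...) …
}
```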
|
|