From 0e3e1f89a3769f2eff85fe75a661e107e789cbb5 Mon Sep 17 00:00:00 2001 From: Shehroz Chishty Date: Mon, 9 Oct 2023 23:45:11 -0700 Subject: [PATCH 1/2] Added the plugin builder feature --- .../src/ansiblemethods/sensor/plugin.py | 18 + .../src/apimethods/plugin/plugin.py | 102 +- .../src/blueprints/plugin/plugin.py | 25 +- os-sim/www/av_plugin/addPlugin.php | 205 + .../views/plugin_builder/accordion_data.php | 290 + .../av_plugin/views/plugin_builder/action.php | 518 + .../plugin_builder/css/accordion_css.css | 314 + .../views/plugin_builder/final_modal_data.php | 131 + .../views/plugin_builder/js/accordion_js.js | 842 + .../plugin_builder/js/regex-generator.js | 50462 ++++++++++++++++ .../views/plugin_builder/modal_data.php | 274 + .../views/plugin_builder/upload/.gitkeep | 0 12 files changed, 53161 insertions(+), 20 deletions(-) create mode 100644 os-sim/www/av_plugin/addPlugin.php create mode 100644 os-sim/www/av_plugin/views/plugin_builder/accordion_data.php create mode 100644 os-sim/www/av_plugin/views/plugin_builder/action.php create mode 100644 os-sim/www/av_plugin/views/plugin_builder/css/accordion_css.css create mode 100644 os-sim/www/av_plugin/views/plugin_builder/final_modal_data.php create mode 100644 os-sim/www/av_plugin/views/plugin_builder/js/accordion_js.js create mode 100644 os-sim/www/av_plugin/views/plugin_builder/js/regex-generator.js create mode 100644 os-sim/www/av_plugin/views/plugin_builder/modal_data.php create mode 100644 os-sim/www/av_plugin/views/plugin_builder/upload/.gitkeep diff --git a/alienvault-api/alienvault-api-core/src/ansiblemethods/sensor/plugin.py b/alienvault-api/alienvault-api-core/src/ansiblemethods/sensor/plugin.py index 167c73b..f483921 100644 --- a/alienvault-api/alienvault-api-core/src/ansiblemethods/sensor/plugin.py +++ b/alienvault-api/alienvault-api-core/src/ansiblemethods/sensor/plugin.py @@ -233,3 +233,21 @@ def ansible_check_plugin_integrity(system_ip): return rc, output +def ansible_move_plugin_files(filename): + """ + """ + system_ip="127.0.0.1" + command = "/usr/bin/plugin_service " + filename + + try: + response = ansible.run_module(host_list=[system_ip], module="command", use_sudo="True", args=command) + except Exception, exc: + error_msg = "Ansible Error: An error occurred while moving files: %s" % str(exc) + api_log.error(error_msg) + return False, error_msg + + (success, msg) = ansible_is_valid_response(system_ip, response) + if success: + return success, response['contacted'][system_ip]['stdout'] + else: + return success, msg diff --git a/alienvault-api/alienvault-api-core/src/apimethods/plugin/plugin.py b/alienvault-api/alienvault-api-core/src/apimethods/plugin/plugin.py index b1e884c..6d9d052 100644 --- a/alienvault-api/alienvault-api-core/src/apimethods/plugin/plugin.py +++ b/alienvault-api/alienvault-api-core/src/apimethods/plugin/plugin.py @@ -30,7 +30,7 @@ # Functions to deal with custom plugins. import os -from shutil import copy +from shutil import copy, move from os.path import splitext, basename import api_log @@ -55,6 +55,7 @@ APIInvalidPlugin, APIPluginFileNotFound, APICannotBeRemoved, + APICannotCheckPlugin ) from ansiblemethods.sensor.detector import ( get_sensor_detectors, @@ -64,11 +65,15 @@ disable_plugin_globally, disable_plugin_per_assets, ) + +from ansiblemethods.sensor.plugin import ansible_move_plugin_files from ansiblemethods.helper import remove_file TEMPORAL_FOLDER = "/var/lib/asec/plugins/" PLUGINS_FOLDER = "/etc/ossim/agent/plugins/" END_FOLDER = "/etc/alienvault/plugins/custom/" +PLUGIN_UPLOAD_FOLDER = "/usr/share/ossim/www/av_plugin/views/plugin_builder/upload/" +LOG_FOLDER = "/var/log/customlog/" def apimethod_get_plugin_list(): @@ -165,6 +170,82 @@ def apimethod_upload_plugin(plugin_file, vendor, model, version, product_type, o # the list of plugin sids for the plugin. return data + +def apimethod_save_plugin(plugin_file,plugin_id,vendor,model,version,product_type,nsids): + """Move the uploaded file from upload folder to PLUGINS_FOLDER + Args: + plugin_file (str) = The plugin you want to download + Returns: + Returns the content of the given plugin file + """ + try: + plugin_src_path = os.path.join(PLUGIN_UPLOAD_FOLDER, plugin_file+'.cfg') + sql_src_path = os.path.join(PLUGIN_UPLOAD_FOLDER, plugin_file+'.sql') + + # if not (os.path.isfile(plugin_src_path) or os.path.isfile(sql_src_path)): + # raise APIPluginFileNotFound(plugin_src_path) + plugin_f=plugin_file+".cfg" + plugin_s=plugin_file+".sql" + + # success1, movedcfg = copy(plugin_src_path, END_FOLDER) + # success2, movedsql = copy(sql_src_path, END_FOLDER) + + success, msg = ansible_move_plugin_files(plugin_file) + + if success: + + # Remove via ansible due to file permissions + # remove_file(['127.0.0.1'], plugin_src_path) + # remove_file(['127.0.0.1'], sql_src_path) + + temporal_plg_path = os.path.join(END_FOLDER, plugin_file) + temporal_plg_sql_path = temporal_plg_path + '.sql' + + # Load plugin SQl into the DB. + with open(temporal_plg_sql_path) as plugin_raw_sql: + success, msg = save_plugin_from_raw_sql(plugin_raw_sql.read()) + if not success: + raise APICannotSavePlugin(msg) + + # Save plugin data. + success, msg = insert_plugin_data(plugin_id, + plugin_name=plugin_f, + vendor=vendor, + model=model, + version=version, + nsids=nsids, + product_type=product_type) + if not success: + raise APICannotSavePlugin(msg) + else: + raise APICannotCheckPlugin(msg) + + + except Exception as e: + raise APIPluginFileNotFound(e) + return True + + +def apimethod_download_plugin(plugin_file): + """Returns the content of a given plugin file + Args: + plugin_file (str) = The plugin you want to download + Returns: + Returns the content of the given plugin file + """ + try: + plugin_path = "{}{}".format(END_FOLDER, plugin_file) + if not os.path.isfile(plugin_path): + plugin_path = "{}{}".format(PLUGINS_FOLDER, plugin_file) + if not os.path.isfile(plugin_path): + raise APIPluginFileNotFound(plugin_file) + with open(plugin_path) as plugin_file: + data = plugin_file.read() + except: + raise + return data + + def remove_plugin_from_sensors(plugin_file): """ Disable and remove custom plugin from all systems. Args: @@ -229,21 +310,4 @@ def apimethod_remove_plugin(plugin_file): raise -def apimethod_download_plugin(plugin_file): - """Returns the content of a given plugin file - Args: - plugin_file (str) = The plugin you want to download - Returns: - Returns the content of the given plugin file - """ - try: - plugin_path = "{}{}".format(END_FOLDER, plugin_file) - if not os.path.isfile(plugin_path): - plugin_path = "{}{}".format(PLUGINS_FOLDER, plugin_file) - if not os.path.isfile(plugin_path): - raise APIPluginFileNotFound(plugin_file) - with open(plugin_path) as plugin_file: - data = plugin_file.read() - except: - raise - return data + diff --git a/alienvault-api/alienvault-api/src/blueprints/plugin/plugin.py b/alienvault-api/alienvault-api/src/blueprints/plugin/plugin.py index 79bbed5..22bf9e1 100644 --- a/alienvault-api/alienvault-api/src/blueprints/plugin/plugin.py +++ b/alienvault-api/alienvault-api/src/blueprints/plugin/plugin.py @@ -39,7 +39,8 @@ apimethod_get_plugin_list, apimethod_upload_plugin, apimethod_download_plugin, - apimethod_remove_plugin + apimethod_remove_plugin, + apimethod_save_plugin ) from apiexceptions import APIException @@ -115,3 +116,25 @@ def remove(): except APIException as e: return make_error_from_exception(e) return make_ok() + +@blueprint.route('/save', methods=['POST']) +@admin_permission.require(http_exception=403) +@accepted_url({'plugin_file': str,'plugin_id': str,'vendor': str,'model': str,'version': str,'product_type': str,'nsids': str}) +def save(): + try: + plugin_file = request.form['plugin_file'] + plugin_id = request.form['plugin_id'] + vendor = request.form['vendor'] + model = request.form['model'] + version = request.form['version'] + product_type = request.form['product_type'] + nsids = request.form['nsids'] + + result = apimethod_save_plugin(plugin_file=plugin_file,plugin_id=plugin_id,vendor=vendor,model=model,version=version,product_type=product_type,nsids=nsids) + + # response = make_response(data) + # response.headers["Content-Disposition"] = "attachment; filename={}".format(plugin_file) + except APIException as e: + return make_error_from_exception(e) + return make_ok(contents=result) + diff --git a/os-sim/www/av_plugin/addPlugin.php b/os-sim/www/av_plugin/addPlugin.php new file mode 100644 index 0000000..577148c --- /dev/null +++ b/os-sim/www/av_plugin/addPlugin.php @@ -0,0 +1,205 @@ + _("You do not have permission to see this section"), + 'options' => array ( + 'type' => 'nf_error', + 'cancel_button' => false + ), + 'style' => 'width: 60%; margin: 30px auto; text-align:center;' + ); + + $nt = new Notification('nt_1', $config_nt); + $nt->show(); + + die(); +} + +$tz = Util::get_timezone(); +?> + + + + + <?php echo _('AlienVault ' . (Session::is_pro() ? 'USM' : 'OSSIM')) ?> + + + + 'av_common.css', 'def_path' => TRUE), + array('src' => 'jquery-ui.css', 'def_path' => TRUE), + array('src' => 'tipTip.css', 'def_path' => TRUE), + array('src' => 'jquery.dataTables.css', 'def_path' => TRUE), + array('src' => 'jquery.dropdown.css', 'def_path' => TRUE), + array('src' => 'av_table.css', 'def_path' => TRUE), + ); + + Util::print_include_files($_files, 'css'); + echo ''; + //JS Files + $_files = array( + array('src' => 'jquery.min.js', 'def_path' => TRUE), + array('src' => 'jquery-ui.min.js', 'def_path' => TRUE), + array('src' => 'jquery.number.js.php', 'def_path' => TRUE), + array('src' => 'utils.js', 'def_path' => TRUE), + array('src' => 'notification.js', 'def_path' => TRUE), + array('src' => 'token.js', 'def_path' => TRUE), + array('src' => 'jquery.tipTip.js', 'def_path' => TRUE), + array('src' => 'greybox.js', 'def_path' => TRUE), + array('src' => 'jquery.dataTables.js', 'def_path' => TRUE), + array('src' => 'av_table.js.php', 'def_path' => TRUE), + array('src' => 'av_storage.js.php', 'def_path' => TRUE), + array('src' => 'jquery.md5.js', 'def_path' => TRUE), + array('src' => 'jquery.placeholder.js', 'def_path' => TRUE), + array('src' => 'jquery.dropdown.js', 'def_path' => TRUE), + array('src' => '/av_plugin/views/plugin_builder/js/accordion_js.js', 'def_path' => FALSE), + array('src' => '/av_plugin/views/plugin_builder/js/regex-generator.js', 'def_path' => FALSE), + ); + + Util::print_include_files($_files, 'js'); + + ?> + + + + + + + + + + +
+ +
+ +
+ +
+ +
+ +
+ +
+ + ' /> + +
+ + +
+ + +
+ + +
+ + + + + + + + diff --git a/os-sim/www/av_plugin/views/plugin_builder/accordion_data.php b/os-sim/www/av_plugin/views/plugin_builder/accordion_data.php new file mode 100644 index 0000000..4c132fe --- /dev/null +++ b/os-sim/www/av_plugin/views/plugin_builder/accordion_data.php @@ -0,0 +1,290 @@ +
+
+
+ + + +
+
+
+
+ + + + diff --git a/os-sim/www/av_plugin/views/plugin_builder/action.php b/os-sim/www/av_plugin/views/plugin_builder/action.php new file mode 100644 index 0000000..c06aba2 --- /dev/null +++ b/os-sim/www/av_plugin/views/plugin_builder/action.php @@ -0,0 +1,518 @@ + _("You do not have permission to see this section"), + 'options' => array( + 'type' => 'nf_error', + 'cancel_button' => false + ), + 'style' => 'width: 60%; margin: 30px auto; text-align:center;' + ); + $nt = new Notification('nt_1', $config_nt); + $nt->show(); + die(); +} + +$db = new ossim_db(); +$conn = $db->connect(); + +$action = $_REQUEST['action']; + +if ($action == 'logUpload') { + if (isset($_FILES['file'])) { + $errors = array(); + $file_name = $_FILES['file']['name']; + $file_size = $_FILES['file']['size']; + $file_tmp = $_FILES['file']['tmp_name']; + $file_type = $_FILES['file']['type']; + $a = explode('.', $file_name); + $b = end($a); + $file_ext = strtolower($b); + + $extensions = array("log", "txt"); + + if (in_array($file_ext, $extensions) === false) { + $response['status'] = "ERROR"; + $errors[] = "extension not allowed, please choose a JPEG or PNG file."; + $response["data"] = "extension not allowed, please choose a JPEG or PNG file."; + } + + if ($file_size > 2097152) { + $response['status'] = "ERROR"; + $errors[] = 'File size must be excately 2 MB'; + $response["data"] = "File size must be excately 2 MB"; + } + + if (empty($errors) == true) { + + $data = file($file_tmp, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); //read the entire file to array by ignoring new lines and spaces + + $newData = array(); + + foreach ($data as $value) { + $temp = str_split($value); + $newStr = array(); + for ($i = 0; $i < count($temp); $i++) { + if ($temp[$i] == ' ' && $temp[$i + 1] != ' ') { + $newStr[] = $temp[$i] . ' '; + } else if ($temp[$i] == '(' || $temp[$i] == '[') { + if ($temp[$i + 1] != ' ' && $temp[$i - 1] != ' ') { + if($temp[$i + 1] == '/') + { + $newStr[] = ' ' . $temp[$i]; + } + else{ + $newStr[] = ' ' . $temp[$i] . ' '; + } + } + else if ($temp[$i + 1] != ' ' && $temp[$i - 1] == ' ') { + $newStr[] = $temp[$i] . ' '; + } + else if ($temp[$i + 1] == ' ' && $temp[$i - 1] != ' ') { + $newStr[] = ' ' . $temp[$i]; + } + } else if ($temp[$i] == ',') { + if ($temp[$i + 1] != ' ') { + $newStr[] = ' ' . $temp[$i] . ' '; + } else { + $newStr[] = ' ' . $temp[$i]; + } + } + else if ($temp[$i] == '/') { + if ($temp[$i + 1] != ' ' && $temp[$i - 1] != ' ') { + $newStr[] = ' ' . $temp[$i] . ' '; + } + else if ($temp[$i + 1] != ' ' && $temp[$i - 1] == ' ') { + $newStr[] = $temp[$i] . ' '; + } + else { + $newStr[] = ' ' . $temp[$i]; + } + } else if ($temp[$i] == '-') { + if ($temp[$i + 1] != ' ' && $temp[$i - 1] != ' ') { + $newStr[] = ' ' . $temp[$i] . ' '; + } + else if ($temp[$i + 1] != ' ' && $temp[$i - 1] == ' ') { + $newStr[] = $temp[$i] . ' '; + } + else { + $newStr[] = ' ' . $temp[$i]; + } + } else if ($temp[$i] == '%') { + if ($temp[$i + 1] != ' ' && $temp[$i - 1] != ' ') { + $newStr[] = ' ' . $temp[$i] . ' '; + } + else if ($temp[$i + 1] != ' ' && $temp[$i - 1] == ' ') { + $newStr[] = $temp[$i] . ' '; + } + else { + $newStr[] = ' ' . $temp[$i]; + } + } else if ($temp[$i] == '=') { + if ($temp[$i + 1] != ' ') { + $newStr[] = ' ' . $temp[$i] . ' '; + } else { + $newStr[] = ' ' . $temp[$i]; + } + } else if ($temp[$i] == ')' || $temp[$i] == ']') { + $newStr[] = ' ' . $temp[$i]; + } else if ($temp[$i] == ';') { + if ($temp[$i - 1] != ' ') { + $newStr[] = ' ' . $temp[$i]; + } else { + $newStr[] = $temp[$i]; + } + } else if ($temp[$i] == ':' && (!is_numeric($temp[$i - 1]) && !is_numeric($temp[$i + 1]))) { + if ($temp[$i + 1] != ' ') { + if($temp[$i + 1] == '[' || $temp[$i + 1] == '(' || $temp[$i + 1] == '/') + { + $newStr[] = ' ' . $temp[$i]; + } + else{ + $newStr[] = ' ' . $temp[$i] . ' '; + } + } else if ($temp[$i + 1] == ' ' && $temp[$i - 1] != ' ') { + $newStr[] = ' ' . $temp[$i]; + } else { + $newStr[] = $temp[$i]; + } + } else { + $newStr[] = $temp[$i]; + } + } + $newData[] = implode($newStr); + } + + $response["status"] = "OK"; + $response["data"] = $newData; + + + echo json_encode($response); + } else { + echo json_encode($response); + } + } +} else if ($action == "regexGenerated") { + $regexData = json_decode($_REQUEST['regexs']); + $tableRow = ''; + for ($i = 0; $i < count($regexData); $i++) { + $tableRow .= "" . $regexData[$i][0] . "" . $regexData[$i][1] . " | Pending"; + } + + + $query2 = "select id,name from product_type;"; + $rs = $conn->Execute($query2); + $opts = ''; + while (!$rs->EOF) { + $plgn_id = $rs->fields['id']; + $plgn_name = $rs->fields['name']; + $opts .= ''; + $rs->MoveNext(); + } + mysqli_free_result($rs); + + + $query3 = 'select id,name from category;'; + $rs = $conn->Execute($query3); + + $cats = ''; + while (!$rs->EOF) { + $plgn_id2 = $rs->fields['id']; + $plgn_cat = $rs->fields['name']; + $cats .= ''; + $rs->MoveNext(); + } + mysqli_free_result($rs); + + + + $query5 = 'select id,name from subcategory;'; + $rs = $conn->Execute($query5); + $cls = ''; + while (!$rs->EOF) { + $plgn_id3 = $rs->fields['id']; + $plgn_subcat = $rs->fields['name']; + $cls .= ''; + $rs->MoveNext(); + } + mysqli_free_result($rs); + + + $query = "CALL generate_pluginid();"; + $rs = $conn->Execute($query); + $p_id = $rs->fields['id']; + mysqli_free_result($rs); + + + $htmlResponse = '
+

Plugin Details

+
+
+
+ + +
+
+ + + +
+
+ + +
+
+ + +
+
+ +
+ +
+
+
+ + +
+
+ + +
+
+
+
+ + + + + + + + + + + + ' . $tableRow . ' + +
Log LineRegexActionStatus
+
+
+ +
+
+ + '; + + + $response["status"] = "OK"; + $response["data"] = $htmlResponse; + + echo json_encode($response); +} else if ($action == 'checkplugname') { + if (isset($_POST['plugin_name'])) { + $pgname = $_POST['plugin_name']; + + + $sql = "SELECT count(*) FROM plugin where name = ?"; + $stmt = $conn->prepare($sql); + $result = $conn->execute($stmt, $pgname); + if ($row = $result->fetchRow()) { + if ($row[0] == 0 and $row[0] != null) { + $data['status'] = "OK"; + $data["data"] = $row[0]; + echo json_encode($data); + } else { + $data['status'] = "ERROR"; + $data["data"] = "Name already exist"; + echo json_encode($data); + } + } + } else { + $data['status'] = "Error"; + $data["data"] = "If failed"; + } +} else if ($action == 'fetchsubcat') { + if (isset($_POST['catid'])) { + $catid = $_POST['catid']; + + $sql = "select id,name from subcategory where cat_id = ?"; + $stmt = $conn->prepare($sql); + $result = $conn->execute($stmt, $catid); + + $subcats = ''; + while ($row = $result->fetchRow()) { + + $subcats .= ''; + } + + $data['status'] = "OK"; + + $data["data"] = $subcats; + echo json_encode($data); + } else { + $data['status'] = "Error"; + $data["data"] = "If failed"; + echo json_encode($data); + } +} else if ($action == 'generateplugin') { + $data = array(); + if (isset($_POST['pgid']) && isset($_POST['pgname']) && isset($_POST['prodType']) && isset($_POST['vendor']) && isset($_POST['model'])) { + + $pgid = $_POST['pgid']; + $pgname = $_POST['pgname']; + $prodType = $_POST['prodType']; + $vendor = $_POST['vendor']; + $model = $_POST['model']; + $version = $_POST['version']; + $descp = $_POST['descp']; + $eventdata = $_POST['eventdata']; + + $status = generate_plugin($conn, $pgid, $pgname, $prodType, $vendor, $model, $version, $descp, $eventdata); + + if ($status) { + try + { + $av_plugin = new Av_plugin(); + $plugin_name = "custom_" . $pgname; + $nsids = count($eventdata); + $file_output = $av_plugin->save_plugin($plugin_name,$pgid,$vendor,$model,$version,$prodType,$nsids); + $data['status'] = "OK"; + $data["data"] = $file_output; + } + catch(Exception $e) + { + $data['status'] = "Error"; + $data["data"] = $e->getMessage(); + // $config_nt['content'] = $e->getMessage().$back_link; + + // $nt = new Notification('nt_1', $config_nt); + // $nt->show(); + + // die(); + } + + + } else { + $data['status'] = "Error"; + $data["data"] = "Unable to generate plugin"; + } + } else { + $data['status'] = "Error"; + $data["data"] = "Invalid data"; + } + echo json_encode($data); +} else { + $data['status'] = "Error"; + $data["data"] = "Invalid action"; + echo json_encode($data); +} + +function generate_plugin($conn, $pgid, $pgname, $prodType, $vendor, $model, $version, $descp, $eventdata) +{ + $pluginFilename = "custom_" . $pgname . ".cfg"; + $sqlFilename = "custom_" . $pgname . ".sql"; + $logf = explode(".", $pluginFilename); + $logFilename = $logf[0] . ".log"; + $fp = fopen("/usr/share/ossim/www/av_plugin/views/plugin_builder/upload/" . $pluginFilename, "w"); + + if ($fp == false) { + return false; + } else { + + $content = "# NCCS Proprietary plugin\n# Author: NCCS Team at plugins@NCCS.com\n# Plugin " . $pgname . " id:" . $pgid . " version: " . $version . "\n# Description: +# " . $descp . " +# +# +# + +[DEFAULT] +plugin_id=" . $pgid . "\n\n +[config] +type=detector +enable=true +source=log +location=/var/log/customlog/" . $logFilename . " +create_file=true +process= +start= +stop= + + +"; + $var = json_decode($eventdata); + + $eventquerydata = array(); + if (sizeof($var) > 0) { + // print_r($var); + $i = 0; + foreach ($var as $data) { + $sid = $i + 1; + $content .= "[00" . $sid . " - " . $data->eventname . "]\n"; + $content .= $data->eventType . "\n"; + $content .= $data->regex . "\n"; + $content .= "plugin_sid=" . $sid . "\n"; + if ($data->date != "") { + $content .= $data->date . "\n"; + } + if ($data->device != "") { + $content .= $data->device . "\n"; + } + if ($data->src_ip != "") { + $content .= $data->src_ip . "\n"; + } + if ($data->dst_ip != "") { + $content .= $data->dst_ip . "\n"; + } + if ($data->src_port != "") { + $content .= $data->src_port . "\n"; + } + if ($data->dst_port != "") { + $content .= $data->dst_port . "\n"; + } + if ($data->username != "") { + $content .= $data->username . "\n"; + } + if ($data->filename != "") { + $content .= $data->filename . "\n"; + } + if ($data->userdata1 != "") { + $content .= $data->userdata1 . "\n"; + } + if ($data->userdata2 != "") { + $content .= $data->userdata2 . "\n"; + } + if ($data->userdata3 != "") { + $content .= $data->userdata3 . "\n"; + } + if ($data->userdata4 != "") { + $content .= $data->userdata4 . "\n"; + } + if ($data->userdata5 != "") { + $content .= $data->userdata5 . "\n"; + } + if ($data->userdata6 != "") { + $content .= $data->userdata6 . "\n"; + } + if ($data->userdata7 != "") { + $content .= $data->userdata7 . "\n"; + } + + $content .= "\n"; + $eventquerydata[$i] = [$pgid, $sid, $data->category, $data->classification, $pgname . ":" . $data->eventname, $data->priority, $data->reliablity, $data->subcategory]; + $i++; + } + } + $state = file_put_contents("/usr/share/ossim/www/av_plugin/views/plugin_builder/upload/" . $pluginFilename, $content, FILE_APPEND | LOCK_EX); + + fclose($fp); + $type = 1; + + $sqlcontent = "INSERT INTO alienvault.plugin (ctx,id, type, name, description,vendor,product_type) VALUES ('','$pgid','1','$pgname','$descp','$vendor','$prodType');"; + + + $nsids=0; + foreach ($eventquerydata as $qdata) { + + $sqlcontent .= "INSERT INTO alienvault.plugin_sid (plugin_id, sid, category_id, class_id, name,priority, reliability,subcategory_id) VALUES ('$qdata[0]','$qdata[1]','$qdata[2]','$qdata[3]','$qdata[4]','$qdata[5]','$qdata[6]','$qdata[7]');"; + $nsids=$nsids+1; + } + + $sqlstate = file_put_contents("/usr/share/ossim/www/av_plugin/views/plugin_builder/upload/" .$sqlFilename, $sqlcontent, FILE_APPEND | LOCK_EX); + + return true; + } +} +$db->close(); + diff --git a/os-sim/www/av_plugin/views/plugin_builder/css/accordion_css.css b/os-sim/www/av_plugin/views/plugin_builder/css/accordion_css.css new file mode 100644 index 0000000..c9228a7 --- /dev/null +++ b/os-sim/www/av_plugin/views/plugin_builder/css/accordion_css.css @@ -0,0 +1,314 @@ +.plgn_accord_cont { + margin: 30px !important; + border: 5px solid transparent !important; + background-color: transparent !important; + position: relative; + +} +label, select, input, #logLine, #result, button{ + font-family: Lucida,sans-serif,Verdana; +} +.plgn_accord_body { + /* height: 50vh; */ +} + +.upload_btn { + margin: 0; + position: absolute; + top: 50%; + left: 50%; + -ms-transform: translate(-50%, -50%); + transform: translate(-50%, -50%); +} + +.plgn_form_cont { + width: 40%; + margin: auto; + padding: 20px 30px 20px 60px; + border: 1px solid #E4E4EB; + box-shadow: rgba(0, 0, 0, 0.16) 0px 1px 4px; +} + +.plgn_form_cont>p { + font-size: 16px; + /* font-weight: bolder; */ + margin-top: 10px; +} + +.plgn_form_cont>div>div>div { + width: 49%; + display: inline-block; + /* border: 1px solid grey;; */ + margin-bottom: 10px; + margin-top: 10px; +} + + +.plgn_form_cont>div>div>div:nth-child(7) { + width: 99%; +} + +.plgn_form_cont>div>div>div input, +.plgn_form_cont>div>div>div textarea, +.plgn_mdl_tbl tbody td input, +.plgn_mdl_tbl tbody td textarea, + .plgn_mdl_tbl tbody td #logLine, #result{ + width: 90%; + margin: auto; + font-size: 11px; + margin-top: 10px; + -webkit-appearance: none; + padding: 8px 4px 8px 14px; + background: rgba(150, 150, 150, 0.1); + border: none; + border-radius: 2px; + transition: all 0.5s ease; +} +.plgn_form_cont>div>div>div input:focus, +.plgn_mdl_tbl tbody td input:focus, +.plgn_mdl_tbl tbody td input:focus-visible{ + border: 1px solid #E4E4EB; + outline: none; + +} +.plgn_form_cont>div>div>div input:focus::placeholder{ + + +} + +.plgn_form_cont>div>div>div select,.plgn_mdl_tbl tbody td select { + width: 93%; + margin: auto; + font-size: 11px; + margin-top: 10px; + -webkit-appearance: none; + border: none; + border-radius: 2px; + height: 30px; + padding: 7px; + color: gray; + background: rgba(150, 150, 150, 0.1); + transition: all 0.5s ease; +} +/* .plgn_mdl_tbl tbody td select, .plgn_mdl_tbl tbody td input, .plgn_mdl_tbl tbody td label, .plgn_mdl_tbl tbody td .logLine_td, .plgn_mdl_tbl tbody td textarea{ + font-size: 15px!important; +} */ + +.plgn_mdl_tbl tbody td label{ + font-size: 15px!important; +} +.plgn_mdl_tbl tbody td select{ + color: black!important; +} +.plgn_form_cont>div>div>div select:focus-visible, +.plgn_mdl_tbl tbody td select:focus-visible{ + border: 1px solid #E4E4EB!important; + outline:none; +} +.plgn_form_cont>div>div>div>label, +.plgn_mdl_tbl tbody td label { + font-size: 11px; + margin-bottom: 10px; +} + +.plgn_form_cont>div>div>div textarea, +.plgn_mdl_tbl tbody td textarea{ + width: 95%;; +} + +.plgn_form_cont>div>div>div textarea:focus-visible{ + border: 1px solid #E4E4EB!important; + outline:none; +} +.plgn_mdl_tbl tbody td input, +.plgn_mdl_tbl tbody td select{ + transition: none !important; +} +.plugin_table{ + width: 100%; + margin-top: 100px; +} + +.edit-icon{ + color: white; +} + +.loader-ovrd{ + z-index: 2; +} + +.plugin_table tbody td{ + width: 40%; +} + +.plugin_table tbody td button{ + background: none!important; + color: #6d224e!important; + transition: all 0.5s ease; + +} +.plugin_table tbody td button:hover{ + color: white!important; + background-color:#6d224e!important ; +} + +.plgn_mdl_tbl tbody td{ + width: 50%; + padding-bottom: 20px; +} + +.plgn_mdl_tbl tbody td:nth-child(odd){ + padding-right: 20px; +} + +.plgn_mdl_tbl{ + margin: auto; + margin-top: 40px; + padding: 0 20px; +} + +.logLine_td{ + width: 100%!important; + padding: 10px 10px 10px 0px; + position: relative; +} +#logline, #result{ + font-size: 15px!important; + padding: 0px; + width: 100%!important; +} +#result{ + border-bottom:1px solid ghostwhite; + padding: 10px; +} + +.m_btn{ + margin-top:27px; + color: white; + text-decoration: none; + text-transform: uppercase; + text-align: center; + border: none; + padding: 6px 10px; + background: #6d224e; + display: inline-block; + cursor: pointer; + border-radius: 2px; + top: 0px; +} +.m_btn:hover{ + background-color: #c74a4b; +} +.td_center{ + text-align: center; +} +.td_opts > button{ + margin-top: 50px; +} + +.final_plgn_tbl{ + font-family: "open_sans","Lucida Sans","Lucida Grande",Lucida,sans-serif,Verdana; + width: 100%; + margin: 10px 0; + padding: 10px; + /* border: 1px solid black; */ +} +.final_plgn_tbl thead tr td{ + border-bottom: 1px solid black; + color: white; + text-align: center; + background-color: #872e4d; + vertical-align: middle; +} +.final_plgn_tbl thead tr td h5{ + margin-top: 20px; +} +.final_plgn_tbl tbody tr td{ + padding-left: 10px; + padding-top: 10px; + border-bottom: #872e4d solid 1px; + width: 50%; + transition: 0.4s all; +} +.final_plgn_tbl tbody tr:hover{ + background-color: #f5e3e9; + position: relative; + top: 3px; +} +.final_plgn_tbl + div{ + width: 100%; + text-align: center; +} +.final_plgn_tbl + div div{ + display: inline; +} +.final_plgn_tbl + div + div{ + margin-top: 20px; + display: flex; + justify-content: space-evenly; + +} +.final_plgn_tbl + div + div button{ + color: white; + text-decoration: none; + text-transform: uppercase; + text-align: center; + border: none; + padding: 6px 10px; + background: #6d224e; + display: inline-block; + cursor: pointer; + border-radius: 2px; + top: 0px; +} +.final_plgn_tbl + div + div button:hover{ + background-color: #c74a4b; +} + +.final_nxt_btn_parent_div{ + text-align: right; + margin-top: 20px; +} + +.assign_btn_div{ + text-align: left; + +} +#clear_results{ + color: #6d224e; + position:absolute; + top: 25px; + right: 1px; + font-size: 10px; + user-select: none; + cursor: pointer; +} + + +#btnAssign:disabled, +btnAssign[disabled]{ + border: 1px solid #999999; + background-color: #cccccc; + color: #666666; +} + +#result_err{ + color:darkred; + font-size: 14px; +} + +.pluginContainer{ + margin-top: 20px; + height: auto; + position: fixed; + width: 400px; + right: -210px; +} + +#err_msg +{ + color: red; + font-size: 14px; + display: block; + padding-top: 10px; +} diff --git a/os-sim/www/av_plugin/views/plugin_builder/final_modal_data.php b/os-sim/www/av_plugin/views/plugin_builder/final_modal_data.php new file mode 100644 index 0000000..bb6cc36 --- /dev/null +++ b/os-sim/www/av_plugin/views/plugin_builder/final_modal_data.php @@ -0,0 +1,131 @@ + _("You do not have permission to see this section"), + 'options' => array( + 'type' => 'nf_error', + 'cancel_button' => false + ), + 'style' => 'width: 60%; margin: 30px auto; text-align:center;' + ); + + $nt = new Notification('nt_1', $config_nt); + $nt->show(); + + die(); +} + +?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Review Plugin Info
+
+
Plugin File
+ 		+
+
+
Vendor
+ 		+
+
+
Model
+ 		+
+
+
Version
+ 		+
+
+
Product Type
+ 		+
+
+
Number of Event Types
+ 		+
+
+
+
+
Enable Plugin
+
+
+ + +
+ + + 'jquery.min.js', 'def_path' => TRUE), + array('src' => '/av_plugin/views/plugin_builder/js/accordion_js.js', 'def_path' => FALSE), +); +Util::print_include_files($_files, 'js'); + +?> + + + \ No newline at end of file diff --git a/os-sim/www/av_plugin/views/plugin_builder/js/accordion_js.js b/os-sim/www/av_plugin/views/plugin_builder/js/accordion_js.js new file mode 100644 index 0000000..20ed7e1 --- /dev/null +++ b/os-sim/www/av_plugin/views/plugin_builder/js/accordion_js.js @@ -0,0 +1,842 @@ +class arrayProcessing { + static orignalArray; + static counter; + static state; + static uniqueLogandRegex = []; +} +$(".plgn_mdl_tbl").css("user-select","none"); +$("#logLine").css("user-select","text"); +// Making accordion functionable. (It has stopped working somehow. Will fix it later) +$(document).ready(function () { + $(".loader-ovrd").hide(); + $(".plgn_accord_body").fadeOut(0); + step1(); + $("#mxContainer").not($("#mxContainer")).slideUp('fast'); + $(".plgn_accord_body").not($(".plgn_accord_body")).slideUp('fast'); + + + + $(".plgn_accord_body").slideToggle(400); + // window.sessionStorage.clear(); + +}); + +// Defined method to close gb_show() +function close_modal() { + window.sessionStorage.removeItem('mode'); + parent.window.location.reload(); + +} + +// Showing upload file button and validating file on upload +function step1() { + $('#mxContainer').html(`
+
+ + + + +
+
`); + + $('#btnNext').click(function () { + $(".loader-ovrd").show(); + var fd = new FormData(); + var files = $('#iplogFile')[0].files; + + if (files.length > 0) { + fd.append('file', files[0]); + fd.append('action', 'logUpload'); + $.ajax({ + url: 'views/plugin_builder/action.php', + type: 'post', + data: fd, + contentType: false, + processData: false, + success: function (response) { + var data = JSON.parse(response); + if (data['status'] == 'OK') { + step2(data); + } else { + $("#err_msg").text("*Invalid Log File"); + $(".loader-ovrd").hide(); + + } + } + }); + } else { + $(".loader-ovrd").hide(); + $("#err_msg").text("*Log File Required"); + } + }); + +} + +function step2(data) { + + var entry = data["data"][0]; + $('#rg_raw_input_text').val(entry).trigger("input"); + arrayProcessing.orignalArray = data["data"]; + arrayProcessing.counter = 0; + arrayProcessing.state = false; + setTimeout(function () { + genRegex(); + }, 2000); + +} + +/** + * Description. This function generates the regex of log line by accessing log from the array defined in arrayProcessing class named as "orignalArray". it generates the regex then remove + * all the entries from the array that match the patteren generated and store the unique log and their regex into a 2D array defined in arrayProcessing class named + * as uniqueLogandRegex. + */ +function genRegex() { + var q = 1; + LABEL1: do { + + if (arrayProcessing.state) { + required_items2ndlvl = document.querySelectorAll(".rg-match-row:nth-child(2) .rg-match-item "); + for (j = 0; j < required_items2ndlvl.length; j++) { + var a = required_items2ndlvl[j].getElementsByTagName('a'); + if (a.length > 1) { + for (k = 0; k < a.length; k++) { + if (a[k].innerText == "Multiple characters") { + a[k].click(); + break; + } + if (a[k].innerText == "Number") { + a[k].click(); + break; + } + if (a[k].innerText == "Time") { + a[k].click(); + break; + } + if (a[k].innerText == "Date") { + a[k].click(); + break; + } + if (a[k].innerText == "IPv4 address") { + a[k].click(); + break; + } + if (a[k].innerText == "Parentheses") { + a[k].click(); + break; + } + if (a[k].innerText == "Square brackets") { + a[k].click(); + break; + } + + } + } else { + if (a[0].innerText == "Multiple characters") { + a[0].click(); + } + } + } + + required_items3rdlvl = document.querySelectorAll(".rg-match-row:nth-child(3) .rg-match-item:not(.rg-item-not-available)"); + for (j = 0; j < required_items3rdlvl.length; j++) { + var b = required_items3rdlvl[j].getElementsByTagName('a'); + if (b.length > 1) { + for (k = 0; k < b.length; k++) { + if (b[k].innerText == "Number") { + b[k].click(); + break; + } + if (b[k].innerText == "Alphanumeric characters") { + b[k].click(); + break; + } + if (b[k].innerText == "Multiple characters") { + b[k].click(); + break; + } + } + } else { + if (b[0].innerText == "Multiple characters") { + b[0].click(); + } + } + } + + required_items4thlvl = document.querySelectorAll(".rg-match-row:nth-child(4) .rg-match-item:not(.rg-item-not-available)"); + if (required_items4thlvl.length > 0) { + for (j = 0; j < required_items4thlvl.length; j++) { + var b = required_items4thlvl[j].getElementsByTagName('a'); + if (b.length > 1) { + for (k = 0; k < b.length; k++) { + if (b[k].innerText == "Number") { + b[k].click(); + break; + } + if (b[k].innerText == "Alphanumeric characters") { + b[k].click(); + break; + } + if (b[k].innerText == "Multiple characters") { + b[k].click(); + break; + } + + } + } else { + if (b[0].innerText == "Multiple characters") { + b[0].click(); + } + } + } + } + + required_items5thlvl = document.querySelectorAll(".rg-match-row:nth-child(5) .rg-match-item:not(.rg-item-not-available)"); + if (required_items5thlvl.length > 0) { + for (j = 0; j < required_items5thlvl.length; j++) { + var b = required_items5thlvl[j].getElementsByTagName('a'); + if (b.length > 1) { + for (k = 0; k < b.length; k++) { + if (b[k].innerText == "Number") { + b[k].click(); + break; + } + if (b[k].innerText == "Multiple characters") { + b[k].click(); + break; + } + } + } else { + if (b[0].innerText == "Multiple characters") { + b[0].click(); + } + } + } + } + + required_items6thlvl = document.querySelectorAll(".rg-match-row:nth-child(6) .rg-match-item:not(.rg-item-not-available)"); + if (required_items6thlvl.length > 0) { + for (j = 0; j < required_items6thlvl.length; j++) { + var b = required_items6thlvl[j].getElementsByTagName('a'); + if (b.length > 1) { + for (k = 0; k < b.length; k++) { + if (b[k].innerText == "Number") { + b[k].click(); + break; + } + if (b[k].innerText == "Multiple characters") { + b[k].click(); + break; + } + } + } else { + if (b[0].innerText == "Multiple characters") { + b[0].click(); + } + } + } + } + + required_items7thlvl = document.querySelectorAll(".rg-match-row:nth-child(7) .rg-match-item:not(.rg-item-not-available)"); + if (required_items7thlvl.length > 0) { + for (j = 0; j < required_items7thlvl.length; j++) { + var b = required_items7thlvl[j].getElementsByTagName('a'); + if (b.length > 1) { + for (k = 0; k < b.length; k++) { + if (b[k].innerText == "Number") { + b[k].click(); + break; + } + if (b[k].innerText == "Multiple characters") { + b[k].click(); + break; + } + } + } else { + if (b[0].innerText == "Multiple characters") { + b[0].click(); + } + } + } + } + + required_items8thlvl = document.querySelectorAll(".rg-match-row:nth-child(7) .rg-match-item:not(.rg-item-not-available)"); + if (required_items8thlvl.length > 0) { + for (j = 0; j < required_items8thlvl.length; j++) { + var b = required_items8thlvl[j].getElementsByTagName('a'); + if (b.length > 1) { + for (k = 0; k < b.length; k++) { + if (b[k].innerText == "Number") { + b[k].click(); + break; + } + if (b[k].innerText == "Multiple characters") { + b[k].click(); + break; + } + } + } else { + if (b[0].innerText == "Multiple characters") { + b[0].click(); + } + } + } + } + + break LABEL1; + + } else { + continue LABEL1; + } + + } while (1); + + var regexp = ""; + $("#rg_result_display span").each(function (index) { + regexp += $(this).text(); + }); + + arrayProcessing.uniqueLogandRegex.push([$('#rg_raw_input_text').val(), regexp]); + + removeItem(regexp); + $('.rg-item-selected').trigger('click'); + + var entry = arrayProcessing.orignalArray[0]; + $('#rg_raw_input_text').val("").trigger("input"); + arrayProcessing.state = false; + $('#rg_raw_input_text').val(entry).trigger("input"); + setTimeout(function () { + if (arrayProcessing.orignalArray.length > 0) { + genRegex(); + } else { + + // REMOVING DUPLICATION + var el = arrayProcessing.uniqueLogandRegex; + function multiDimensionalUnique(el) { + var uniques = []; + var itemsFound = {}; + for (var i = 0, l = el.length; i < l; i++) { + var stringified = JSON.stringify(el[i]); + if (itemsFound[stringified]) { continue; } + uniques.push(el[i]); + itemsFound[stringified] = true; + } + return uniques; + } + //END REMOVING DUPLICATION + var fd = new FormData(); + fd.append('regexs', JSON.stringify(multiDimensionalUnique(el))); + fd.append('action', 'regexGenerated'); + $.ajax({ + url: 'views/plugin_builder/action.php', + type: 'post', + data: fd, + contentType: false, + processData: false, + beforeSend: function () { + // $(".loader-ovrd").show(); + }, + success: function (response) { + var data = JSON.parse(response); + if (data['status'] == 'OK') { + $(".loader-ovrd").hide(); + step3(data); + + } else { + $(".loader-ovrd").hide(); + alert('Something went wrong'); + + } + } + + }); + } + }, 1000); + +} + +/* my added code */ +$(document) + .ajaxStart(function () { + $(".loader-ovrd").show(); + }); + + + +function removeItem(itemToRemove) { + arrayProcessing.orignalArray.splice(0, 1); + arrayProcessing.counter++; +} +var arr; +var colselection; + +// Adding Greybox +function toggle_modal(e) { + // e.stopPropagation(); + window.sessionStorage.setItem("arr_items2", "12345"); + var row = $(e).parent().parent(); + + colselection = row.find("td:nth-child(4)"); + if (colselection[0].innerHTML != "Done") { + + var log = $(e).attr("data-log"); + var r = $(e).attr("data-regex"); + window.sessionStorage.setItem('log_value', log); + // window.sessionStorage.setItem('element_value', colselection[0]); + var reg = String.raw`${r}`; + + var logArr = log.split(' '); + var regArr = reg.split(' '); + + arr = getArray(logArr, regArr); + window.sessionStorage.setItem("arr_items", JSON.stringify(arr)); + + + var t = $(e).attr('data-title'); + var href = $(e).attr('href'); + GB_show(t, href, 650, '40%'); + + } else { + alert("Event already saved"); + } + return false; +} +$(document).on('click', '.deleteModalEntry', function () { + //Event Delete code goes here + var row = $(this).parent().parent(); + let text = "Do you really want to remove this event?"; + if (confirm(text) == true) { + row.remove(); + } + +}); + +$(document).on('click', '#btnFinalNext', function () { + + var checking = $('#tblEvent tr>td:last-child'); + var flag = 1; + for (var i = 0; i < checking.length; i++) { + if (checking[i].innerHTML != "Done") { + flag = 0; + } + } + if (flag == 1) { + + + + var plgn_keys = new Array( + "plugiName", + "pluginVendor", + "pluginModel", + "pluginVersion", + "pluginProductType", + "pluginEventCount"); + + + var plgn_details = new Array( + "/custom_" + $("#txtPluginName").val() + ".cfg", + $('#txtVendor').val(), + $('#txtModel').val(), + $('#txtVersion').val(), + $('#txtProductType option:selected').text(), + checking.length); + + + var plgn_final_keys = new Array( + "pgid", + "pgname", + "prodType", + "vendor", + "model", + "version", + "descp"); + + var plgn_final_data = new Array( + $("#txtPluginId").val(), + $("#txtPluginName").val(), + $("#txtProductType").val(), + plgn_details[1], + plgn_details[2], + plgn_details[3], + $("#txtDescription").val() + ); + var plgn_arr = getArray(plgn_keys, plgn_details); + var plgn_final_arr = getArray(plgn_final_keys, plgn_final_data); + + window.sessionStorage.setItem('plugin_details', JSON.stringify(plgn_arr)); + window.sessionStorage.setItem('final_plugin_details', JSON.stringify(plgn_final_arr)); + + var t = $(this).attr('data-title'); + var href = $(this).attr('href'); + GB_show(t, href, 470, '40%'); + + } else { + alert('Configure pending events/Delete pending events'); + } +}); + +$(document).on('click', '#btnPluginFinish', function () { + var fd = new FormData(); + + // var pgid = $("#txtPluginId").val(); + // var pgname = $("#txtPluginName").val(); + // var prodType = $("#txtProductType").val(); + // var vendor = $("#txtVendor").val(); + // var model = $("#txtModel").val(); + // var version = $("#txtVersion").val(); + // var descp = $("#txtDescription").val(); + + fd.append("action", "generateplugin"); + var arr = JSON.parse(sessionStorage.getItem("final_plugin_details")); + + var eventsData = JSON.parse(window.sessionStorage.getItem('eventsData')); + // window.sessionStorage.removeItem("final_plugin_details"); + window.sessionStorage.removeItem("eventsData"); + + for (i = 0; i < arr.length; i++) { + + fd.append(arr[i][0], arr[i][1]); + + } + var jsondata = JSON.stringify(eventsData); + fd.append("eventdata", jsondata); + $.ajax({ + url: "action.php", + type: "post", + data: fd, + contentType: false, + processData: false, + success: function (response) { + var data = JSON.parse(response); + if (data["status"] == "OK") { + console.log(data); + window.sessionStorage.clear(); + close_modal(); + console.log(0); + window.location.reload(); + document.getElementById("back_button").click(); + console.log(1); + + + //$("#add_button").click(); + } + } + }); +}); +/***Final phase */ +class pluginEvent { + eventType = ""; + eventname = ""; + category = ""; + subcategory = ""; + classification = ""; + priority = ""; + reliablity = ""; + regex = ""; + date = ""; + time = ""; + device = ""; + src_ip = ""; + dst_ip = ""; + src_port = ""; + dst_port = ""; + username = ""; + filename = ""; + userdata1 = ""; + userdata2 = ""; + userdata3 = ""; + userdata4 = ""; + userdata5 = ""; + userdata6 = ""; + userdata7 = ""; +} +var eventsData = []; + +function save_modal_data() { + + var eventname = $("#txtEventName").val(); + var category = $("#txtCategory").val(); + var subcategory = $("#txtSubCategory").val(); + var classification = $("#txtClassification").val(); + var priority = $("#txtPriority").val(); + var reliablity = $("#txtReliability").val(); + if (eventname == "") { + + $("#errEventName").text(`Event Name is required`); + $("#errEventName").attr("class", "text-danger"); + return; + + } else { + $("#errEventName").text(``); + $("#errEventName").attr("class", ""); + } + eventDetail.eventType = "event_type=event"; + eventDetail.eventname = eventname; + eventDetail.category = category; + eventDetail.subcategory = subcategory; + eventDetail.classification = classification; + eventDetail.priority = priority; + eventDetail.reliablity = reliablity; + // if(eventDetail.regex.length === 0) + // { + var regex = ""; + var arr = JSON.parse(sessionStorage.getItem("arr_items")); + + for (i = 0; i < arr.length; i++) { + if (i != arr.length - 1) { + if (arr[i + 1][0] == "") { + regex = regex + arr[i][1] + " "; + } else if (arr[i][0] == "/") { + var tlog = arr[i][1]; + tlog = [tlog.slice(0, tlog.length - 1), "\\", tlog.slice(tlog.length - 1)].join(''); + regex = regex + tlog; + } else { + regex = regex + arr[i][1]; + } + + + } else { + regex = regex + arr[i][1]; + } + } + eventDetail.regex = 'regexp="' + regex + '"'; + //} + window.parent[0].colselection[0].innerHTML = "Done"; + eventsData.push(eventDetail); + var oldItems = JSON.parse(sessionStorage.getItem('eventsData')) || []; + oldItems.push(eventDetail); + window.sessionStorage.setItem('eventsData', JSON.stringify(oldItems)); + eventDetail = new pluginEvent(); + $("#txtEventName").val(''); + $("#txtCategory").val('NULL').trigger('change'); + $("#txtSubCategory").val('NULL').trigger('change'); + $("#txtClassification").val('NULL').trigger('change'); + $("#txtReliability").val('0').trigger('change'); + $("#txtPriority").val('0').trigger('change'); + close_modal(); + +} + +/*---------------Tokenization Script---------------*/ + +var eventDetail = new pluginEvent(); + +function tokenization() { + + var txt = $('#result').text(); + var txtArr = txt.split(' '); + var startIndex = -1, endIndex = -1; + + var arr = JSON.parse(sessionStorage.getItem("arr_items")); + for (i = 0; i < arr.length; i++) { + if (arr[i][0] == txtArr[0] && startIndex == -1) { + startIndex = i; + } + if (arr[i][0] == txtArr[txtArr.length - 1]) { + endIndex = i; + } + } + if (startIndex == -1 || endIndex == -1) { + alert("Invalid Selection"); + return; + } + + var opt = $("#fieldSelection option:selected").text(); + + if (opt == "date") { + arr[startIndex][1] = "(?P" + arr[startIndex][1]; + arr[endIndex][1] = arr[endIndex][1] + ")"; + } else if (opt == "time") { + arr[startIndex][1] = "(?P