protected void btnSave_Click(object sender, EventArgs e)
{
ids auxNewIDPS = new ids();
idsBus oIDS = new idsBus();
bool needRequiredFields = false;
int saveType = 0;
if (btnNew.Enabled) saveType = 2;
if (!btnNew.Enabled) saveType = 1;
if (String.IsNullOrEmpty(txtIDPSName.Text)) needRequiredFields = true;
if (String.IsNullOrEmpty(txtIP.Text)) needRequiredFields = true;
if (!needRequiredFields)
{
auxNewIDPS.idsName = txtIDPSName.Text;
auxNewIDPS.IdsTypeId = Convert.ToInt32(ddlIDPSType.SelectedValue);
auxNewIDPS.DatabaseTypeId = Convert.ToInt32(ddlDatabaseType.SelectedValue);
auxNewIDPS.IdsIP = txtIP.Text;
auxNewIDPS.DatabaseUser = txtUserDataBase.Text;
auxNewIDPS.DatabasePass = txtPassDataBase.Text;
auxNewIDPS.DatabaseName = txtSourceDataBase.Text;
auxNewIDPS.DatabaseHost = txtHostDatabase.Text;
auxNewIDPS.IdsVersion = txtIDPSVersion.Text;
auxNewIDPS.Active = Convert.ToSByte(chkActive.Checked);
switch (saveType)
{
case 1: //save
if (oIDS.idsAdd(auxNewIDPS) > 0)
{
lblMessage.Text = "Datos guardados correctamente!";
clearFields();
activateFields(false, true);
btnNew.Enabled = true;
getIDPSData();
}
else
lblMessage.Text = "Error al guardar los datos!";
break;
case 2: //update
auxNewIDPS.IdsId = Convert.ToInt32(txtIDPSId.Text);
if (oIDS.idsUpdate(auxNewIDPS))
{
lblMessage.Text = "Datos actualizados correctamente!";
clearFields();
activateFields(false, true);
btnSave.Enabled = false;
getIDPSData();
}
else
lblMessage.Text = "Error al guardar los datos!";
break;
}
}
else
{
lblMessage.Text = "Error, existen campos sin completar!";
}
}
public List<ids> idsGetAll()
{
List<ids> lstids = new List<ids>();
try
{
DataTable dt = SqlHelper.ExecuteDataset(SqlImplHelper.getConnectionString(), "idsGetAll").Tables[0];
if (dt.Rows.Count > 0)
{
int colIdsId = dt.Columns["IdsId"].Ordinal;
int colIdsName = dt.Columns["IdsName"].Ordinal;
int colDatabaseTypeId = dt.Columns["DatabaseTypeId"].Ordinal;
int colIdsTypeId = dt.Columns["IdsTypeId"].Ordinal;
int colActive = dt.Columns["Active"].Ordinal;
int colIdsIP = dt.Columns["IdsIP"].Ordinal;
int colDatabaseUser = dt.Columns["DatabaseUser"].Ordinal;
int colDatabasePass = dt.Columns["DatabasePass"].Ordinal;
int colDatabaseName = dt.Columns["DatabaseName"].Ordinal;
int colDatabaseHost = dt.Columns["DatabaseHost"].Ordinal;
int colIdsVersion = dt.Columns["IdsVersion"].Ordinal;
for (int i = 0; dt.Rows.Count > i; i++)
{
ids NewEnt = new ids();
NewEnt.IdsId = Int32.Parse(dt.Rows[i].ItemArray[colIdsId].ToString());
NewEnt.idsName = dt.Rows[i].ItemArray[colIdsName].ToString();
NewEnt.DatabaseTypeId = Int32.Parse(dt.Rows[i].ItemArray[colDatabaseTypeId].ToString());
NewEnt.IdsTypeId = Int32.Parse(dt.Rows[i].ItemArray[colIdsTypeId].ToString());
NewEnt.Active = sbyte.Parse(dt.Rows[i].ItemArray[colActive].ToString());
NewEnt.IdsIP = dt.Rows[i].ItemArray[colIdsIP].ToString();
NewEnt.DatabaseUser = dt.Rows[i].ItemArray[colDatabaseUser].ToString();
NewEnt.DatabasePass = dt.Rows[i].ItemArray[colDatabasePass].ToString();
NewEnt.DatabaseName = dt.Rows[i].ItemArray[colDatabaseName].ToString();
NewEnt.DatabaseHost = dt.Rows[i].ItemArray[colDatabaseHost].ToString();
NewEnt.IdsVersion = dt.Rows[i].ItemArray[colIdsVersion].ToString();
lstids.Add(NewEnt);
}
}
return lstids;
}
catch(Exception ex)
{
throw ex;
}
}
public int idsAdd( ids ids)
{
try
{
return (int)SqlHelper.ExecuteScalar(SqlImplHelper.getConnectionString(), "idsAdd",
ids.idsName,
ids.DatabaseTypeId,
ids.IdsTypeId,
ids.Active,
ids.IdsIP,
ids.DatabaseUser,
ids.DatabasePass,
ids.DatabaseName,
ids.DatabaseHost,
ids.IdsVersion);
}
catch(Exception ex)
{
throw ex;
}
}
public DataTable getIDPSData()
{
DataSet dtsResult = new DataSet();
DataTable dttResult = new DataTable();
dttResult.Columns.Add(new DataColumn("IDPSId", System.Type.GetType("System.Int32")));
dttResult.Columns.Add(new DataColumn("EventsAlarmId", System.Type.GetType("System.Int32")));
dttResult.Columns.Add(new DataColumn("IDPSEventId", System.Type.GetType("System.Int32")));
dttResult.Columns.Add(new DataColumn("datetime ", System.Type.GetType("System.String")));
dttResult.Columns.Add(new DataColumn("description", System.Type.GetType("System.String")));
dttResult.Columns.Add(new DataColumn("source ", System.Type.GetType("System.String")));
List<eventsalarm> lstEventsAlarm = new List<eventsalarm>();
eventsalarmBus oEventsAlarm = new eventsalarmBus();
ids auxIDPS = new ids();
idsBus oIDPSBus = new idsBus();
lstEventsAlarm = oEventsAlarm.eventsalarmGetAll();
if (lstEventsAlarm.Count > 0)
{
foreach (eventsalarm row in lstEventsAlarm)
{
switch (row.IdsId)
{
case 1: //ossec
auxIDPS = oIDPSBus.idsGetById(row.IdsId);
dtsResult= requestOSSECEvents( auxIDPS.DatabaseHost,
auxIDPS.DatabaseName,
auxIDPS.DatabaseUser,
auxIDPS.DatabasePass,
row.IdsSignatureCategoryId);
if (dtsResult.Tables[0].Rows.Count > 0)
{
foreach(DataRow rowResult in dtsResult.Tables[0].Rows)
{
dttResult.Rows.Add(row.IdsId,
row.EventsAlarmId,
Convert.ToInt32(rowResult[0].ToString()),
rowResult[1].ToString(),
rowResult[2].ToString(),
rowResult[3].ToString());
}
}
break;
case 2: //snort
case 3: //suricata
auxIDPS = oIDPSBus.idsGetById(row.IdsId);
dtsResult= requestbarnyard2Events(auxIDPS.DatabaseHost,
auxIDPS.DatabaseName,
auxIDPS.DatabaseUser,
auxIDPS.DatabasePass,
row.IdsSignatureCategoryId);
if (dtsResult.Tables[0].Rows.Count > 0)
{
foreach (DataRow rowResult in dtsResult.Tables[0].Rows)
{
dttResult.Rows.Add(row.IdsId,
row.EventsAlarmId,
Convert.ToInt32(rowResult[0].ToString()),
rowResult[1].ToString(),
rowResult[2].ToString(),
rowResult[3].ToString());
}
}
break;
case 4: //bro
auxIDPS = oIDPSBus.idsGetById(row.IdsId);
dtsResult = requestBroEvents(auxIDPS.DatabaseHost,
auxIDPS.DatabaseName,
auxIDPS.DatabaseUser,
auxIDPS.DatabasePass,
row.IdsSignatureCategoryId);
if (dtsResult.Tables[0].Rows.Count > 0)
{
foreach (DataRow rowResult in dtsResult.Tables[0].Rows)
{
dttResult.Rows.Add(row.IdsId,
row.EventsAlarmId,
Convert.ToInt32(rowResult[0].ToString()),
rowResult[1].ToString(),
rowResult[2].ToString(),
rowResult[3].ToString());
}
}
break;
}
}
}
return dttResult;
}
public DataSet getIDPSSignaturesCategory(int idpsId)
{
ids auxIDPS = new ids();
idsBus oIDPSBus = new idsBus();
DataSet dtsResult = new DataSet();
string sqlQuery;
auxIDPS = oIDPSBus.idsGetById(idpsId);
if (auxIDPS != null)
{
switch (auxIDPS.IdsId)
{
case 1: //ossec
sqlQuery= "SELECT cat_id as SignatureCategoryId, "
+ " cat_name as SignatureCategoryName "
+ " FROM Category "
+ " ORDER by cat_id; ";
dtsResult= ExecQueryMySQL(auxIDPS.DatabaseHost,
auxIDPS.DatabaseName,
auxIDPS.DatabaseUser,
auxIDPS.DatabasePass,
sqlQuery);
break;
case 2: //snort
case 3: //suricata
sqlQuery= "SELECT sig_class_id as SignatureCategoryId, "
+ " sig_class_name as SignatureCategoryName "
+ " FROM sig_class "
+ " ORDER by sig_class_id; ";
dtsResult= ExecQueryMySQL(auxIDPS.DatabaseHost,
auxIDPS.DatabaseName,
auxIDPS.DatabaseUser,
auxIDPS.DatabasePass,
sqlQuery);
break;
case 4: //bro
//TODO
break;
}
}
return dtsResult;
}
protected void getEventsDetectionData()
{
DataTable dttEventsDetection = new DataTable();
dttEventsDetection.Columns.Add(new DataColumn("eventsDetectionId", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("datetime", System.Type.GetType("System.DateTime")));
dttEventsDetection.Columns.Add(new DataColumn("eventStauts", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("eventStatusDescription", System.Type.GetType("System.String")));
dttEventsDetection.Columns.Add(new DataColumn("IDSId", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("IDPS", System.Type.GetType("System.String")));
dttEventsDetection.Columns.Add(new DataColumn("idsName", System.Type.GetType("System.String")));
dttEventsDetection.Columns.Add(new DataColumn("eventsAlarmId", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("severityId", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("severityDescription", System.Type.GetType("System.String")));
dttEventsDetection.Columns.Add(new DataColumn("SLATimeToResponse", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("TaskId", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("IDPSEventId", System.Type.GetType("System.Int32")));
List<eventsdetection> lstEvetnsDetection = new List<eventsdetection>();
eventsdetectionBus oEventsDetection = new eventsdetectionBus();
idsBus oIDPS = new idsBus();
eventsalarmBus oEventsAlarm = new eventsalarmBus();
severityBus oSeverity = new severityBus();
tasksBus oTask = new tasksBus();
taskstatusBus oTaskStatus = new taskstatusBus();
lstEvetnsDetection = oEventsDetection.eventsdetectionGetAll();
if (lstEvetnsDetection.Count > 0)
{
foreach (eventsdetection row in lstEvetnsDetection)
{
if (row.EventStatus == 2 || row.EventStatus == 5) //Closed, Rejected
continue;
ids auxIDPS = new ids();
eventsalarm auxEventAlarm = new eventsalarm();
severity auxSeverity = new severity();
tasks auxTask = new tasks();
taskstatus auxTaskStatus = new taskstatus();
auxIDPS = oIDPS.idsGetById(row.IdsId);
auxEventAlarm = oEventsAlarm.eventsalarmGetById(row.EventsAlarmId);
auxSeverity = oSeverity.severityGetById(auxEventAlarm.Severity);
auxTask = oTask.tasksGetByEventsDetectionId(row.EventsDetectionId);
auxTaskStatus = oTaskStatus.taskstatusGetById(row.EventStatus);
dttEventsDetection.Rows.Add(row.EventsDetectionId,
row.DateTime,
row.EventStatus,
auxTaskStatus.TaskStatusDescription,
row.IdsId,
auxIDPS.IdsIP,
auxIDPS.idsName,
row.EventsAlarmId,
auxSeverity.SeverityId,
auxSeverity.SeverityDescription,
auxSeverity.SLATimeToResponse,
auxTask.TaskId,
row.IDPSEventId);
}
gvEventsDetection.DataSource = dttEventsDetection;
gvEventsDetection.DataBind();
}
}
protected void btnSearch_Click(object sender, EventArgs e)
{
if (!String.IsNullOrEmpty(txtSearch.Text))
{
DataTable dttEventsDetection = new DataTable();
dttEventsDetection.Columns.Add(new DataColumn("eventsDetectionId", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("datetime", System.Type.GetType("System.DateTime")));
dttEventsDetection.Columns.Add(new DataColumn("eventStauts", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("eventStatusDescription", System.Type.GetType("System.String")));
dttEventsDetection.Columns.Add(new DataColumn("IDSId", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("IDPS", System.Type.GetType("System.String")));
dttEventsDetection.Columns.Add(new DataColumn("idsName", System.Type.GetType("System.String")));
dttEventsDetection.Columns.Add(new DataColumn("eventsAlarmId", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("severityId", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("severityDescription", System.Type.GetType("System.String")));
dttEventsDetection.Columns.Add(new DataColumn("SLATimeToResponse", System.Type.GetType("System.Int32")));
dttEventsDetection.Columns.Add(new DataColumn("TaskId", System.Type.GetType("System.Int32")));
eventsdetection auxEvetnsDetection = new eventsdetection();
eventsdetectionBus oEventsDetection = new eventsdetectionBus();
idsBus oIDPS = new idsBus();
eventsalarmBus oEventsAlarm = new eventsalarmBus();
severityBus oSeverity = new severityBus();
tasksBus oTask = new tasksBus();
auxEvetnsDetection = oEventsDetection.eventsdetectionGetById(Convert.ToInt32(txtSearch.Text));
if (auxEvetnsDetection != null)
{
string strStatus = "";
ids auxIDPS = new ids();
eventsalarm auxEventAlarm = new eventsalarm();
severity auxSeverity = new severity();
tasks auxTask = new tasks();
switch (auxEvetnsDetection.EventStatus)
{
case 1: strStatus = "Pendiente"; break;
case 2: strStatus = "En tratamiento"; break;
case 3: strStatus = "Cerrado"; break;
}
auxIDPS = oIDPS.idsGetById(auxEvetnsDetection.IdsId);
auxEventAlarm = oEventsAlarm.eventsalarmGetById(auxEvetnsDetection.EventsAlarmId);
auxSeverity = oSeverity.severityGetById(auxEventAlarm.Severity);
auxTask = oTask.tasksGetByEventsDetectionId(auxEvetnsDetection.EventsDetectionId);
dttEventsDetection.Rows.Add(auxEvetnsDetection.EventsDetectionId,
auxEvetnsDetection.DateTime,
auxEvetnsDetection.EventStatus,
strStatus,
auxEvetnsDetection.IdsId,
auxIDPS.IdsIP,
auxIDPS.idsName,
auxEvetnsDetection.EventsAlarmId,
auxSeverity.SeverityId,
auxSeverity.SeverityDescription,
auxSeverity.SLATimeToResponse,
auxTask.TaskId);
gvEventsDetection.DataSource = dttEventsDetection;
gvEventsDetection.DataBind();
}
else
{
lblMessage.Text = "Busqueda sin resultados...";
}
}
}
protected void gvIDPS_SelectedIndexChanged(object sender, EventArgs e)
{
GridViewRow row = gvIDPS.SelectedRow;
ids auxIDPS = new ids();
idsBus oIDPS = new idsBus();
try
{
ddlIDPSType.SelectedValue= ((Label)row.FindControl("idsTypeId")).Text;
ddlDatabaseType.SelectedValue = ((Label)row.FindControl("databaseTypeId")).Text;
}
catch
{
}
if ((Label)row.FindControl("idsId") != null) { txtIDPSId.Text = ((Label)row.FindControl("idsId")).Text; } else { txtIDPSId.Text = ""; }
if ((Label)row.FindControl("idsName") != null) { txtIDPSName.Text = ((Label)row.FindControl("idsName")).Text; } else { txtIDPSName.Text = ""; }
if ((Label)row.FindControl("idsVersion") != null) { txtIDPSVersion.Text = ((Label)row.FindControl("idsVersion")).Text; } else { txtIDPSVersion.Text = ""; }
if ((Label)row.FindControl("idsIP") != null) { txtIP.Text = ((Label)row.FindControl("idsIP")).Text; } else { txtIP.Text = ""; }
if ((CheckBox)row.FindControl("active") != null) { chkActive.Checked = ((CheckBox)row.FindControl("active")).Checked; } else { chkActive.Checked = false; }
auxIDPS = oIDPS.idsGetById(Convert.ToInt32(txtIDPSId.Text));
txtUserDataBase.Text = auxIDPS.DatabaseUser;
txtPassDataBase.Text = auxIDPS.DatabasePass;
txtSourceDataBase.Text = auxIDPS.DatabaseName;
txtHostDatabase.Text = auxIDPS.DatabaseHost;
activateFields(true, false);
btnSave.Enabled = true;
}
public bool idsUpdate(ids ids)
{
idsImpl oidsImpl = new idsImpl();
return oidsImpl.idsUpdate( ids);
}
public int idsAdd(ids ids)
{
idsImpl oidsImpl = new idsImpl();
return oidsImpl.idsAdd( ids);
}
public bool idsUpdate( ids ids)
{
try
{
int update = (int)SqlHelper.ExecuteScalar(SqlImplHelper.getConnectionString(), "idsUpdate",
ids.IdsId,
ids.idsName,
ids.DatabaseTypeId,
ids.IdsTypeId,
ids.Active,
ids.IdsIP,
ids.DatabaseUser,
ids.DatabasePass,
ids.DatabaseName,
ids.DatabaseHost,
ids.IdsVersion);
if (update > 0)
{
return true;
}
else
{
return false;
}
}
catch(Exception ex)
{
throw ex;
}
}
public ids idsGetById(int IdsId)
{
try
{
DataTable dt = SqlHelper.ExecuteDataset(SqlImplHelper.getConnectionString(), "idsGetById",
IdsId).Tables[0];
ids NewEnt = new ids();
if(dt.Rows.Count > 0)
{
DataRow dr = dt.Rows[0];
NewEnt.IdsId = Int32.Parse(dr["IdsId"].ToString());
NewEnt.idsName = dr["IdsName"].ToString();
NewEnt.DatabaseTypeId = Int32.Parse(dr["DatabaseTypeId"].ToString());
NewEnt.IdsTypeId = Int32.Parse(dr["IdsTypeId"].ToString());
NewEnt.Active = sbyte.Parse(dr["Active"].ToString());
NewEnt.IdsIP = dr["IdsIP"].ToString();
NewEnt.DatabaseUser = dr["DatabaseUser"].ToString();
NewEnt.DatabasePass = dr["DatabasePass"].ToString();
NewEnt.DatabaseName = dr["DatabaseName"].ToString();
NewEnt.DatabaseHost = dr["DatabaseHost"].ToString();
NewEnt.IdsVersion = dr["IdsVersion"].ToString();
}
return NewEnt;
}
catch(Exception ex)
{
throw ex;
}
}
