Example #1
0
        protected void btnSave_Click(object sender, EventArgs e)
        {
            ids auxNewIDPS = new ids();
            idsBus oIDS = new idsBus();
            bool needRequiredFields = false;
            int saveType = 0;

            if (btnNew.Enabled)  saveType = 2;
            if (!btnNew.Enabled) saveType = 1;

            if (String.IsNullOrEmpty(txtIDPSName.Text)) needRequiredFields = true;
            if (String.IsNullOrEmpty(txtIP.Text)) needRequiredFields = true;

            if (!needRequiredFields)
            {
                auxNewIDPS.idsName = txtIDPSName.Text;
                auxNewIDPS.IdsTypeId = Convert.ToInt32(ddlIDPSType.SelectedValue);
                auxNewIDPS.DatabaseTypeId = Convert.ToInt32(ddlDatabaseType.SelectedValue);
                auxNewIDPS.IdsIP = txtIP.Text;
                auxNewIDPS.DatabaseUser = txtUserDataBase.Text;
                auxNewIDPS.DatabasePass = txtPassDataBase.Text;
                auxNewIDPS.DatabaseName = txtSourceDataBase.Text;
                auxNewIDPS.DatabaseHost = txtHostDatabase.Text;
                auxNewIDPS.IdsVersion = txtIDPSVersion.Text;
                auxNewIDPS.Active = Convert.ToSByte(chkActive.Checked);

                switch (saveType)
                {
                    case 1: //save
                        if (oIDS.idsAdd(auxNewIDPS) > 0)
                        {
                            lblMessage.Text = "Datos guardados correctamente!";
                            clearFields();
                            activateFields(false, true);
                            btnNew.Enabled = true;
                            getIDPSData();
                        }
                        else
                            lblMessage.Text = "Error al guardar los datos!";
                    break;
                    case 2: //update
                        auxNewIDPS.IdsId = Convert.ToInt32(txtIDPSId.Text);
                        if (oIDS.idsUpdate(auxNewIDPS))
                        {
                            lblMessage.Text = "Datos actualizados correctamente!";
                            clearFields();
                            activateFields(false, true);
                            btnSave.Enabled = false;
                            getIDPSData();
                        }
                        else
                            lblMessage.Text = "Error al guardar los datos!";
                    break;
                }
            }
            else
            {
                lblMessage.Text = "Error, existen campos sin completar!";
            }
        }
Example #2
0
        public List<ids> idsGetAll()
        {
            List<ids> lstids = new List<ids>();
            try
            {
                DataTable dt = SqlHelper.ExecuteDataset(SqlImplHelper.getConnectionString(), "idsGetAll").Tables[0];
                if (dt.Rows.Count > 0)
                {
                    int colIdsId =  dt.Columns["IdsId"].Ordinal;
                    int colIdsName = dt.Columns["IdsName"].Ordinal;
                    int colDatabaseTypeId =  dt.Columns["DatabaseTypeId"].Ordinal;
                    int colIdsTypeId =  dt.Columns["IdsTypeId"].Ordinal;
                    int colActive =  dt.Columns["Active"].Ordinal;
                    int colIdsIP =  dt.Columns["IdsIP"].Ordinal;
                    int colDatabaseUser = dt.Columns["DatabaseUser"].Ordinal;
                    int colDatabasePass = dt.Columns["DatabasePass"].Ordinal;
                    int colDatabaseName = dt.Columns["DatabaseName"].Ordinal;
                    int colDatabaseHost = dt.Columns["DatabaseHost"].Ordinal;
                    int colIdsVersion   = dt.Columns["IdsVersion"].Ordinal;

                    for (int i = 0; dt.Rows.Count > i; i++)
                    {
                        ids NewEnt = new ids();
                        NewEnt.IdsId = Int32.Parse(dt.Rows[i].ItemArray[colIdsId].ToString());
                        NewEnt.idsName = dt.Rows[i].ItemArray[colIdsName].ToString();
                        NewEnt.DatabaseTypeId = Int32.Parse(dt.Rows[i].ItemArray[colDatabaseTypeId].ToString());
                        NewEnt.IdsTypeId = Int32.Parse(dt.Rows[i].ItemArray[colIdsTypeId].ToString());
                        NewEnt.Active = sbyte.Parse(dt.Rows[i].ItemArray[colActive].ToString());
                        NewEnt.IdsIP = dt.Rows[i].ItemArray[colIdsIP].ToString();
                        NewEnt.DatabaseUser = dt.Rows[i].ItemArray[colDatabaseUser].ToString();
                        NewEnt.DatabasePass = dt.Rows[i].ItemArray[colDatabasePass].ToString();
                        NewEnt.DatabaseName = dt.Rows[i].ItemArray[colDatabaseName].ToString();
                        NewEnt.DatabaseHost = dt.Rows[i].ItemArray[colDatabaseHost].ToString();
                        NewEnt.IdsVersion = dt.Rows[i].ItemArray[colIdsVersion].ToString();
                        lstids.Add(NewEnt);
                    }
                }
                return lstids;
            }
            catch(Exception ex)
            {
                throw ex;
            }
        }
Example #3
0
 public int idsAdd( ids ids)
 {
     try
     {
         return (int)SqlHelper.ExecuteScalar(SqlImplHelper.getConnectionString(), "idsAdd",
                                                                                 ids.idsName,
                                                                                 ids.DatabaseTypeId,
                                                                                 ids.IdsTypeId,
                                                                                 ids.Active,
                                                                                 ids.IdsIP,
                                                                                 ids.DatabaseUser,
                                                                                 ids.DatabasePass,
                                                                                 ids.DatabaseName,
                                                                                 ids.DatabaseHost,
                                                                                 ids.IdsVersion);
     }
     catch(Exception ex)
     {
         throw ex;
     }
 }
        public DataTable getIDPSData()
        {
            DataSet dtsResult   = new DataSet();
            DataTable dttResult = new DataTable();

            dttResult.Columns.Add(new DataColumn("IDPSId", System.Type.GetType("System.Int32")));
            dttResult.Columns.Add(new DataColumn("EventsAlarmId", System.Type.GetType("System.Int32")));
            dttResult.Columns.Add(new DataColumn("IDPSEventId", System.Type.GetType("System.Int32")));
            dttResult.Columns.Add(new DataColumn("datetime   ", System.Type.GetType("System.String")));
            dttResult.Columns.Add(new DataColumn("description", System.Type.GetType("System.String")));
            dttResult.Columns.Add(new DataColumn("source     ", System.Type.GetType("System.String")));

            List<eventsalarm> lstEventsAlarm = new List<eventsalarm>();
            eventsalarmBus oEventsAlarm = new eventsalarmBus();

            ids auxIDPS = new ids();
            idsBus oIDPSBus = new idsBus();

            lstEventsAlarm = oEventsAlarm.eventsalarmGetAll();

            if (lstEventsAlarm.Count > 0)
            {
                foreach (eventsalarm row in lstEventsAlarm)
                {
                    switch (row.IdsId)
                    {
                        case 1: //ossec
                            auxIDPS  = oIDPSBus.idsGetById(row.IdsId);
                            dtsResult= requestOSSECEvents( auxIDPS.DatabaseHost,
                                                           auxIDPS.DatabaseName,
                                                           auxIDPS.DatabaseUser,
                                                           auxIDPS.DatabasePass,
                                                           row.IdsSignatureCategoryId);

                            if (dtsResult.Tables[0].Rows.Count > 0)
                            {
                                foreach(DataRow rowResult in dtsResult.Tables[0].Rows)
                                {
                                    dttResult.Rows.Add(row.IdsId,
                                                       row.EventsAlarmId,
                                                       Convert.ToInt32(rowResult[0].ToString()),
                                                       rowResult[1].ToString(),
                                                       rowResult[2].ToString(),
                                                       rowResult[3].ToString());
                                }
                            }

                        break;
                        case 2: //snort
                        case 3: //suricata
                            auxIDPS  = oIDPSBus.idsGetById(row.IdsId);
                            dtsResult= requestbarnyard2Events(auxIDPS.DatabaseHost,
                                                              auxIDPS.DatabaseName,
                                                              auxIDPS.DatabaseUser,
                                                              auxIDPS.DatabasePass,
                                                              row.IdsSignatureCategoryId);

                            if (dtsResult.Tables[0].Rows.Count > 0)
                            {
                                foreach (DataRow rowResult in dtsResult.Tables[0].Rows)
                                {
                                    dttResult.Rows.Add(row.IdsId,
                                                       row.EventsAlarmId,
                                                       Convert.ToInt32(rowResult[0].ToString()),
                                                       rowResult[1].ToString(),
                                                       rowResult[2].ToString(),
                                                       rowResult[3].ToString());
                                }
                            }
                        break;

                        case 4: //bro
                            auxIDPS = oIDPSBus.idsGetById(row.IdsId);
                            dtsResult = requestBroEvents(auxIDPS.DatabaseHost,
                                                         auxIDPS.DatabaseName,
                                                         auxIDPS.DatabaseUser,
                                                         auxIDPS.DatabasePass,
                                                         row.IdsSignatureCategoryId);

                            if (dtsResult.Tables[0].Rows.Count > 0)
                            {
                                foreach (DataRow rowResult in dtsResult.Tables[0].Rows)
                                {
                                    dttResult.Rows.Add(row.IdsId,
                                                       row.EventsAlarmId,
                                                       Convert.ToInt32(rowResult[0].ToString()),
                                                       rowResult[1].ToString(),
                                                       rowResult[2].ToString(),
                                                       rowResult[3].ToString());
                                }
                            }
                        break;
                    }
                }
            }
            return dttResult;
        }
        public DataSet getIDPSSignaturesCategory(int idpsId)
        {
            ids auxIDPS = new ids();
            idsBus oIDPSBus = new idsBus();
            DataSet dtsResult = new DataSet();
            string sqlQuery;

            auxIDPS = oIDPSBus.idsGetById(idpsId);

            if (auxIDPS != null)
            {
                switch (auxIDPS.IdsId)
                {
                    case 1: //ossec
                        sqlQuery= "SELECT   cat_id as SignatureCategoryId,    "
                                  + "       cat_name as SignatureCategoryName "
                                  + " FROM  Category                          "
                                  + " ORDER by cat_id;                        ";

                        dtsResult= ExecQueryMySQL(auxIDPS.DatabaseHost,
                                                             auxIDPS.DatabaseName,
                                                             auxIDPS.DatabaseUser,
                                                             auxIDPS.DatabasePass,
                                                             sqlQuery);
                    break;
                    case 2: //snort
                    case 3: //suricata
                        sqlQuery= "SELECT   sig_class_id   as SignatureCategoryId,    "
                                  + "       sig_class_name as SignatureCategoryName   "
                                  + " FROM  sig_class                                 "
                                  + " ORDER by sig_class_id;                          ";

                        dtsResult= ExecQueryMySQL(auxIDPS.DatabaseHost,
                                                             auxIDPS.DatabaseName,
                                                             auxIDPS.DatabaseUser,
                                                             auxIDPS.DatabasePass,
                                                             sqlQuery);
                    break;
                    case 4: //bro
                        //TODO
                    break;
                }
            }

            return dtsResult;
        }
        protected void getEventsDetectionData()
        {
            DataTable dttEventsDetection = new DataTable();
            dttEventsDetection.Columns.Add(new DataColumn("eventsDetectionId", System.Type.GetType("System.Int32")));
            dttEventsDetection.Columns.Add(new DataColumn("datetime", System.Type.GetType("System.DateTime")));
            dttEventsDetection.Columns.Add(new DataColumn("eventStauts", System.Type.GetType("System.Int32")));
            dttEventsDetection.Columns.Add(new DataColumn("eventStatusDescription", System.Type.GetType("System.String")));
            dttEventsDetection.Columns.Add(new DataColumn("IDSId", System.Type.GetType("System.Int32")));
            dttEventsDetection.Columns.Add(new DataColumn("IDPS", System.Type.GetType("System.String")));
            dttEventsDetection.Columns.Add(new DataColumn("idsName", System.Type.GetType("System.String")));
            dttEventsDetection.Columns.Add(new DataColumn("eventsAlarmId", System.Type.GetType("System.Int32")));
            dttEventsDetection.Columns.Add(new DataColumn("severityId", System.Type.GetType("System.Int32")));
            dttEventsDetection.Columns.Add(new DataColumn("severityDescription", System.Type.GetType("System.String")));
            dttEventsDetection.Columns.Add(new DataColumn("SLATimeToResponse", System.Type.GetType("System.Int32")));
            dttEventsDetection.Columns.Add(new DataColumn("TaskId", System.Type.GetType("System.Int32")));
            dttEventsDetection.Columns.Add(new DataColumn("IDPSEventId", System.Type.GetType("System.Int32")));

            List<eventsdetection> lstEvetnsDetection = new List<eventsdetection>();
            eventsdetectionBus oEventsDetection = new eventsdetectionBus();

            idsBus oIDPS = new idsBus();
            eventsalarmBus oEventsAlarm = new eventsalarmBus();
            severityBus oSeverity = new severityBus();
            tasksBus oTask = new tasksBus();
            taskstatusBus oTaskStatus = new taskstatusBus();

            lstEvetnsDetection = oEventsDetection.eventsdetectionGetAll();

            if (lstEvetnsDetection.Count > 0)
            {
                foreach (eventsdetection row in lstEvetnsDetection)
                {
                    if (row.EventStatus == 2 || row.EventStatus == 5) //Closed, Rejected
                        continue;

                    ids auxIDPS = new ids();
                    eventsalarm auxEventAlarm = new eventsalarm();
                    severity auxSeverity = new severity();
                    tasks auxTask = new tasks();
                    taskstatus auxTaskStatus = new taskstatus();

                    auxIDPS = oIDPS.idsGetById(row.IdsId);
                    auxEventAlarm = oEventsAlarm.eventsalarmGetById(row.EventsAlarmId);
                    auxSeverity = oSeverity.severityGetById(auxEventAlarm.Severity);
                    auxTask = oTask.tasksGetByEventsDetectionId(row.EventsDetectionId);
                    auxTaskStatus = oTaskStatus.taskstatusGetById(row.EventStatus);

                    dttEventsDetection.Rows.Add(row.EventsDetectionId,
                                                row.DateTime,
                                                row.EventStatus,
                                                auxTaskStatus.TaskStatusDescription,
                                                row.IdsId,
                                                auxIDPS.IdsIP,
                                                auxIDPS.idsName,
                                                row.EventsAlarmId,
                                                auxSeverity.SeverityId,
                                                auxSeverity.SeverityDescription,
                                                auxSeverity.SLATimeToResponse,
                                                auxTask.TaskId,
                                                row.IDPSEventId);
                }

                gvEventsDetection.DataSource = dttEventsDetection;
                gvEventsDetection.DataBind();
            }
        }
        protected void btnSearch_Click(object sender, EventArgs e)
        {
            if (!String.IsNullOrEmpty(txtSearch.Text))
            {
                DataTable dttEventsDetection = new DataTable();
                dttEventsDetection.Columns.Add(new DataColumn("eventsDetectionId", System.Type.GetType("System.Int32")));
                dttEventsDetection.Columns.Add(new DataColumn("datetime", System.Type.GetType("System.DateTime")));
                dttEventsDetection.Columns.Add(new DataColumn("eventStauts", System.Type.GetType("System.Int32")));
                dttEventsDetection.Columns.Add(new DataColumn("eventStatusDescription", System.Type.GetType("System.String")));
                dttEventsDetection.Columns.Add(new DataColumn("IDSId", System.Type.GetType("System.Int32")));
                dttEventsDetection.Columns.Add(new DataColumn("IDPS", System.Type.GetType("System.String")));
                dttEventsDetection.Columns.Add(new DataColumn("idsName", System.Type.GetType("System.String")));
                dttEventsDetection.Columns.Add(new DataColumn("eventsAlarmId", System.Type.GetType("System.Int32")));
                dttEventsDetection.Columns.Add(new DataColumn("severityId", System.Type.GetType("System.Int32")));
                dttEventsDetection.Columns.Add(new DataColumn("severityDescription", System.Type.GetType("System.String")));
                dttEventsDetection.Columns.Add(new DataColumn("SLATimeToResponse", System.Type.GetType("System.Int32")));
                dttEventsDetection.Columns.Add(new DataColumn("TaskId", System.Type.GetType("System.Int32")));

                eventsdetection auxEvetnsDetection = new eventsdetection();
                eventsdetectionBus oEventsDetection = new eventsdetectionBus();

                idsBus oIDPS = new idsBus();
                eventsalarmBus oEventsAlarm = new eventsalarmBus();
                severityBus oSeverity = new severityBus();
                tasksBus oTask = new tasksBus();

                auxEvetnsDetection = oEventsDetection.eventsdetectionGetById(Convert.ToInt32(txtSearch.Text));

                if (auxEvetnsDetection != null)
                {
                    string strStatus = "";
                    ids auxIDPS = new ids();
                    eventsalarm auxEventAlarm = new eventsalarm();
                    severity auxSeverity = new severity();
                    tasks auxTask = new tasks();

                    switch (auxEvetnsDetection.EventStatus)
                    {
                        case 1: strStatus = "Pendiente"; break;
                        case 2: strStatus = "En tratamiento"; break;
                        case 3: strStatus = "Cerrado"; break;
                    }

                    auxIDPS = oIDPS.idsGetById(auxEvetnsDetection.IdsId);
                    auxEventAlarm = oEventsAlarm.eventsalarmGetById(auxEvetnsDetection.EventsAlarmId);
                    auxSeverity = oSeverity.severityGetById(auxEventAlarm.Severity);
                    auxTask = oTask.tasksGetByEventsDetectionId(auxEvetnsDetection.EventsDetectionId);

                    dttEventsDetection.Rows.Add(auxEvetnsDetection.EventsDetectionId,
                                                auxEvetnsDetection.DateTime,
                                                auxEvetnsDetection.EventStatus,
                                                strStatus,
                                                auxEvetnsDetection.IdsId,
                                                auxIDPS.IdsIP,
                                                auxIDPS.idsName,
                                                auxEvetnsDetection.EventsAlarmId,
                                                auxSeverity.SeverityId,
                                                auxSeverity.SeverityDescription,
                                                auxSeverity.SLATimeToResponse,
                                                auxTask.TaskId);

                    gvEventsDetection.DataSource = dttEventsDetection;
                    gvEventsDetection.DataBind();
                }
                else
                {
                    lblMessage.Text = "Busqueda sin resultados...";
                }
            }
        }
Example #8
0
        protected void gvIDPS_SelectedIndexChanged(object sender, EventArgs e)
        {
            GridViewRow row = gvIDPS.SelectedRow;

            ids auxIDPS = new ids();
            idsBus oIDPS = new idsBus();

            try
            {
                ddlIDPSType.SelectedValue= ((Label)row.FindControl("idsTypeId")).Text;
                ddlDatabaseType.SelectedValue = ((Label)row.FindControl("databaseTypeId")).Text;
            }
            catch
            {

            }

            if ((Label)row.FindControl("idsId") != null) { txtIDPSId.Text = ((Label)row.FindControl("idsId")).Text; } else { txtIDPSId.Text = ""; }
            if ((Label)row.FindControl("idsName") != null) { txtIDPSName.Text = ((Label)row.FindControl("idsName")).Text; } else { txtIDPSName.Text = ""; }
            if ((Label)row.FindControl("idsVersion") != null) { txtIDPSVersion.Text = ((Label)row.FindControl("idsVersion")).Text; } else { txtIDPSVersion.Text = ""; }
            if ((Label)row.FindControl("idsIP") != null) { txtIP.Text = ((Label)row.FindControl("idsIP")).Text; } else { txtIP.Text = ""; }
            if ((CheckBox)row.FindControl("active") != null) { chkActive.Checked = ((CheckBox)row.FindControl("active")).Checked; } else { chkActive.Checked = false; }

            auxIDPS = oIDPS.idsGetById(Convert.ToInt32(txtIDPSId.Text));
            txtUserDataBase.Text = auxIDPS.DatabaseUser;
            txtPassDataBase.Text = auxIDPS.DatabasePass;
            txtSourceDataBase.Text = auxIDPS.DatabaseName;
            txtHostDatabase.Text = auxIDPS.DatabaseHost;
            activateFields(true, false);
            btnSave.Enabled = true;
        }
Example #9
0
 public bool idsUpdate(ids ids)
 {
     idsImpl oidsImpl = new idsImpl();
     return oidsImpl.idsUpdate( ids);
 }
Example #10
0
 public int idsAdd(ids ids)
 {
     idsImpl oidsImpl = new idsImpl();
     return oidsImpl.idsAdd( ids);
 }
Example #11
0
 public bool idsUpdate( ids ids)
 {
     try
     {
         int update = (int)SqlHelper.ExecuteScalar(SqlImplHelper.getConnectionString(), "idsUpdate",
                                                                                     ids.IdsId,
                                                                                     ids.idsName,
                                                                                     ids.DatabaseTypeId,
                                                                                     ids.IdsTypeId,
                                                                                     ids.Active,
                                                                                     ids.IdsIP,
                                                                                     ids.DatabaseUser,
                                                                                     ids.DatabasePass,
                                                                                     ids.DatabaseName,
                                                                                     ids.DatabaseHost,
                                                                                     ids.IdsVersion);
         if (update > 0)
         {
             return true;
         }
         else
         {
             return false;
         }
     }
     catch(Exception ex)
     {
         throw ex;
     }
 }
Example #12
0
        public ids idsGetById(int IdsId)
        {
            try
            {
                DataTable dt = SqlHelper.ExecuteDataset(SqlImplHelper.getConnectionString(), "idsGetById",
                                                                                              IdsId).Tables[0];
                ids NewEnt = new ids();

                if(dt.Rows.Count > 0)
                {
                    DataRow dr = dt.Rows[0];
                    NewEnt.IdsId = Int32.Parse(dr["IdsId"].ToString());
                    NewEnt.idsName = dr["IdsName"].ToString();
                    NewEnt.DatabaseTypeId = Int32.Parse(dr["DatabaseTypeId"].ToString());
                    NewEnt.IdsTypeId = Int32.Parse(dr["IdsTypeId"].ToString());
                    NewEnt.Active = sbyte.Parse(dr["Active"].ToString());
                    NewEnt.IdsIP = dr["IdsIP"].ToString();
                    NewEnt.DatabaseUser = dr["DatabaseUser"].ToString();
                    NewEnt.DatabasePass = dr["DatabasePass"].ToString();
                    NewEnt.DatabaseName = dr["DatabaseName"].ToString();
                    NewEnt.DatabaseHost = dr["DatabaseHost"].ToString();
                    NewEnt.IdsVersion = dr["IdsVersion"].ToString();
                }
                return NewEnt;
            }
            catch(Exception ex)
            {
                throw ex;
            }
        }