<?
# NOTE(review): short open tag. With short_open_tag disabled this file is not
# parsed and its source is sent to the client as plain text; `<?php` does not
# depend on that setting.
# NOTE(review): include() only raises a warning when db.php cannot be loaded and
# the script carries on; require_once would stop instead. $db used by the query
# below is presumably set by db.php — confirm.
include("db.php");
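# Aggregation window: map the `per` request parameter to a bucket width in hours.
if (!isset($_GET['per'])) {
    # Default to hourly buckets; written back to $_GET as the original did.
    $_GET['per'] = "hour";
}
$agg_hours = array(
    "hour"  => 1,
    "day"   => 24,
    "month" => 24 * 30, # approximation; the author's open question was whether to use 30.5
);
$per = $_GET['per'];
# Accept only the fixed set above. Any other value (or array input such as
# per[]=x) previously left $agg undefined, which put an empty string into the
# SQL text and produced a failing query. Fail with the same response the script
# gives for a bad port.
if (!is_string($per) || !isset($agg_hours[$per])) {
    die("pars");
}
$agg = $agg_hours[$per];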
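# TODO (kept from the original "sqli todo"): the mysql_* API used by this script
# has no prepared statements, so every value that reaches the SQL text has to be
# validated before it is concatenated.
# Selector: column the result is grouped by.
$query_cols = "target_port";
# The port is concatenated into the WHERE clause, so accept only a plain integer
# in the valid port range and use the converted int, never the raw request
# string. is_numeric() also passes forms such as "1e5", "1.5" or " 80" (and hex
# strings on PHP 5), none of which are port numbers.
$port = isset($_GET['port'])
    ? filter_var(
        $_GET['port'],
        FILTER_VALIDATE_INT,
        array("options" => array("min_range" => 0, "max_range" => 65535))
    )
    : false;
# Strict comparison: 0 is a valid result of the filter, false means rejected.
if ($port === false) {
    die("pars");
}
$where = "target_port=" . $port;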
# List of columns in the result (TODO: make dynamic); this is also the list of
# monitored quantities. Each name maps to its position in an output row.
$cols = array_flip(array(
    "events",
    "uniqueSources",
    "uniqueSensors",
    "totalScale",
));
$count_cols = count($cols);
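# Select the data. Each output row is array(t, <one value per entry of $cols>).
$data = array();
# Time series: every event is assigned to the start of its bucket, which is
# 3600*$agg seconds wide.
# $agg, $where and $query_cols are pasted into the SQL text as-is; the statement
# is only as safe as the validation done where those variables are assigned.
$q = "
SELECT
unix_timestamp(detected)-(unix_timestamp(detected)%(3600*$agg)) as t,
count(*) as events,
count(distinct source) as uniqueSources,
count(distinct concat_ws('-',hostname,service,type)) as uniqueSensors,
sum(attack_scale) as totalScale
FROM events WHERE $where GROUP BY $query_cols, t;";
$res = mysql_query($q, $db);
if ($res === false) {
    # mysql_query() returns false on failure; without this check the fetch loop
    # would warn on a non-resource and the client would get an empty but
    # valid-looking series. Keep the driver message in the server log and do
    # not echo SQL errors to the client.
    error_log("graph_TargetportActivity: query failed: " . mysql_error($db));
    if (!headers_sent()) {
        header("HTTP/1.1 500 Internal Server Error");
    }
    die("db");
}
# Remap each result row onto the statically allocated column slots in $cols;
# the rows are sent straight to the graph.
while ($row = mysql_fetch_assoc($res)) {
    $d = array_fill(0, $count_cols, 0);
    # The keys of $cols are the same names as the SQL column aliases above.
    foreach ($cols as $name => $slot) {
        $d[$slot] = (int)$row[$name];
    }
    # Bucket start time goes first, ahead of the measured values.
    array_unshift($d, (int)$row["t"]);
    $data[] = $d;
}
# Declare the payload as JSON so a browser does not render the response as HTML.
if (!headers_sent()) {
    header("Content-Type: application/json");
}
print json_encode(array("cols" => array_keys($cols), "data" => $data));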
?>