I am having a bit of trouble getting the following to show up.
1) Display a set of Unique Ip address is the XML file, also display the total count.
2) Display all the risk field higher than 5 and the IPAddress associated with them.
{code saved}
Wow - Thanks for you help! Great Support!
1 more request - How would I get the total number of risks returned?
//Claud
Hi Claud,
To add the total number of vulnerabilities to the output, try something like this:
<?php
header("Content-Type: text/plain");
require("MagicParser.php");
$hosts = array();
function myHostRecordHandler($record)
{
global $hosts;
if (!isset($hosts[$record["HOST-IPADDRESS"]])) $hosts[$record["HOST-IPADDRESS"]] = 0;
$hosts[$record["HOST-IPADDRESS"]]++;
}
$xml = file_get_contents("risk.xml");
MagicParser_parse("string://".$xml,"myHostRecordHandler","xml|ROOT/Vulnerability/Vuln/Host/");
print "Hosts and Vulnerability Count: ";print_r($hosts);
print "Total Unique Hosts: ".count($hosts)."\n";
print "Vulnerabilities (Risk >= 5) And Associated Hosts:\n";
$totalVulnerabilities = 0;
function myVulnRecordHandler($record)
{
global $totalVulnerabilities;
$totalVulnerabilities++;
if ($record["RISK"] < 5) return;
print $record["VULN-VULNNAME"]." (".$record["HOST-IPADDRESS"].")\n";
}
MagicParser_parse("string://".$xml,"myVulnRecordHandler","xml|ROOT/Vulnerability/Vuln/");
print "Total Vulnerabilities: ".$totalVulnerabilities."\n";
?>
Hope this helps!
Cheers,
David.
Yes - this does help!
I have a quick question that is causing me a little problem. In the area where I am displaying the risks > 5, how do I only show only unique IP records?
I want to be able to filter the display first if a risk is < 5 then only count it only once per IP address. Also display the total IP Addresses that have at least 1 vulnerability with a risk score < 5.
Thanks again for you help - Your product with worth every $.01.
//Claud
Hi Claud,
Have a go with something like this - see how the $uniqueHighRisk and $uniqueLowRisk arrays can be used to filter output to unique IP addresses.
<?php
header("Content-Type: text/plain");
require("MagicParser.php");
$hosts = array();
function myHostRecordHandler($record)
{
global $hosts;
if (!isset($hosts[$record["HOST-IPADDRESS"]])) $hosts[$record["HOST-IPADDRESS"]] = 0;
$hosts[$record["HOST-IPADDRESS"]]++;
}
$xml = file_get_contents("risk.xml");
MagicParser_parse("string://".$xml,"myHostRecordHandler","xml|ROOT/Vulnerability/Vuln/Host/");
print "Hosts and Vulnerability Count: ";print_r($hosts);
print "Total Unique Hosts: ".count($hosts)."\n";
print "Vulnerabilities (Risk >= 5) And Associated Hosts:\n";
$totalVulnerabilities = 0;
$uniqueHighRisk = array();
$uniqueLowRisk = array();
function myVulnRecordHandler($record)
{
global $totalVulnerabilities;
global $uniqueHighRisk;
global $uniqueLowRisk;
$totalVulnerabilities++;
if ($record["RISK"] < 5)
{
if (in_array($record["HOST-IPADDRESS"],$uniqueLowRisk)) return;
$uniqueLowRisk[] = $record["HOST-IPADDRESS"];
return;
}
if (in_array($record["HOST-IPADDRESS"],$uniqueHighRisk)) return;
print $record["VULN-VULNNAME"]." (".$record["HOST-IPADDRESS"].")\n";
$uniqueHighRisk[] = $record["HOST-IPADDRESS"];
}
MagicParser_parse("string://".$xml,"myVulnRecordHandler","xml|ROOT/Vulnerability/Vuln/");
print "Unique Hosts With Low Risks: ".count($uniqueLowRisk)."\n";
print "Total Vulnerabilities: ".$totalVulnerabilities."\n";
?>
Cheers,
David.
Hi,
Have a go with something like this - based on your XML source saved as "risk.xml";
<?php
header("Content-Type: text/plain");
require("MagicParser.php");
$hosts = array();
function myHostRecordHandler($record)
{
global $hosts;
if (!isset($hosts[$record["HOST-IPADDRESS"]])) $hosts[$record["HOST-IPADDRESS"]] = 0;
$hosts[$record["HOST-IPADDRESS"]]++;
}
$xml = file_get_contents("risk.xml");
MagicParser_parse("string://".$xml,"myHostRecordHandler","xml|ROOT/Vulnerability/Vuln/Host/");
print "Hosts and Vulnerability Count: ";print_r($hosts);
print "Total Unique Hosts: ".count($hosts)."\n";
print "Vulnerabilities (Risk >= 5) And Associated Hosts:\n";
function myVulnRecordHandler($record)
{
if ($record["RISK"] < 5) return;
print $record["VULN-VULNNAME"]." (".$record["HOST-IPADDRESS"].")\n";
}
MagicParser_parse("string://".$xml,"myVulnRecordHandler","xml|ROOT/Vulnerability/Vuln/");
?>
Hope this helps!
Cheers,
David
--
MagicParser.com