Сайт представляет собой front-end к БД. Необходимо залогиниться на сайте,
оформить запрос и получить на него ответ. Оформление запроса и получение ответа по HTTP.
Всебы ничего, но на сайте используется java, а как правильно обрабатывать такие страницы я не знаю,
и найти нужную информацию сам не смог
Приклыдываю два файла: mars.pl - скрипт который должен выполнять обработку и out.txt - вывод скрипта.
В out.txt содержится вывод двух страничек, отделенных друг от друга линиями "---------------------------------------------"
Первая страницка это форма запроса, а вторая также содержит формц запроса но и должна иметь форму ответа, а его нет (((( ... При этом через сам front-end ответ вижу отлично.
Вопрос в следующем, как можно обработать страницы с включенными скриптами?
Конкретно интересуют вот такие теги (см. вывод):
Код: Выделить всё
<input type="submit" value="Submit Inline" class='button' name="button" onclick="DirectFormSubmit( '/Query/QuerySubmit.jsp?ResubmitAndClearPaging=true&InlineReport=1', this.form ); return VerifyParen();">Что-то файлы не грузятся, по этому вот скрипт:
Код:
#!/bin/perl
# Подключаем модули
use HTML::Form;
use HTTP::Request ;
use HTTP::Cookies ;
use LWP::UserAgent ;
#use LWP::Debug qw( + );
require HTTP::Request;
# -------------------------------------------------------------------------------
# подготовительные действия
# -------------------------------------------------------------------------------
# Создаю запрос
$request = HTTP::Request->new(GET => 'https://192.168.132.100');
# Создаю агента с некоторыми настройками
$ua = LWP::UserAgent->new( agent => "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; NeosBrowser; .NET CLR 1.1.4322; .NET CLR 2.0.50727)",
cookie_jar => HTTP::Cookies->new(file =>"lwp-cookies2.txt" ,autosave => 1) ,
requests_redirectable => ['GET', 'HEAD', 'POST'] );
# -------------------------------------------------------------------------------
# получение промужуточной страницы
# -------------------------------------------------------------------------------
# посылаю запрос и получаю на него ответ - это промужуточная форма, в нормальном браузеое не отображается
$response = $ua->request($request);
# выбираю из ответа форму (<form>...</form>)
$form = HTML::Form->parse( $response );
# -------------------------------------------------------------------------------
# получение страницы аутентификации пользователя и аутентификаци
# -------------------------------------------------------------------------------
# кликаю на форме, в результате получаю страницу ответа с приглашение к аутентификации
$response = $ua->request( $form->click );
# выбираю из ответа форму (<form>...</form>)
$form = HTML::Form->parse( $response );
# поля заполняемые пользователем
$form->param( username, "user" ) ;
$form->param( password, "pass" ) ;
$form->param( user_type, "Local" ) ;
# эти поля заполняются скриптом, но поскольку он не работает то их заполняю я сам ....
$form->param( j_username, "local:user" ) ;
$form->param( j_password, "pass" ) ;
# "кликаю" на кнопку логин
$response = $ua->request( $form->click );
# -------------------------------------------------------------------------------
# если аутентификация прошла успешно, то перехожу на страницу запроса к БД,
# формирую запрос, получаю ответ...
# -------------------------------------------------------------------------------
# анализирую результат аутентификации
if ($response->is_success) {
# если залогинились успешно, то сразу перехожу на страницу запросов к БД
$request = HTTP::Request->new(GET => 'https://192.168.132.100/Query/index.jsp');
$response = $ua->request($request);
print "---------------------------------------------------------------------\n" ;
print $response->content; # эта страница запроса к БД
print "---------------------------------------------------------------------\n" ;
# получаю список форм на странице (их здесь несколько)
@form = HTML::Form->parse( $response );
#foreach($form) { print $_->dump ; } # для отладки, вывожу формы на консоль
# нужная мне форма третья, заполняю в ней необходимые поля
$input = $form[3]->find_input("button", "submit", 3 ) ;
$form[3]->param(QuerySrcQuick1, "111") ;
$form[3]->param(QuerySrcQuick2, "111") ;
$form[3]->param(QuerySrcQuick3, "111") ;
$form[3]->param(QuerySrcQuick4, "111") ;
# формирую запрос
$request = $input->click( $form[3] ) ;
# отсылаю запрос и получаю на него ответ
$response = $ua->request($request);
print "---------------------------------------------------------------------\n" ;
print $response->content; # этот ответ то что меня и интересует
print "---------------------------------------------------------------------\n" ;
}
else {
print STDERR $response->status_line, "\n";
}А вот вывод:
первая страница с запросом:
Код:
---------------------------------------------------------------------
<html>
<head>
<title>[pnmars] Query</title>
<style>
<!--
@import "/Common/Menu/CssGui.css";
@import "/Common/Menu/CssMenu.jsp";
@import "/Common/Menu/CssBrowser.jsp";
@import "/Common/Menu/tree.css";
-->
</style>
<script src='/Script/query.js' LANGUAGE='JavaScript1.2' TYPE='text/javascript'></script>
<script src='/Script/shared.jsp' LANGUAGE='JavaScript1.2' TYPE='text/javascript'></script>
<script src='/Script/menu.js' LANGUAGE='JavaScript1.2' TYPE='text/javascript'></script>
<script src='/Script/tree.jsp' LANGUAGE='JavaScript1.2' TYPE='text/javascript'></script>
<script src='/Script/SelectWindowScript.jsp' LANGUAGE='JavaScript1.2' TYPE='text/javascript'></script>
</head>
<body style='width: 100%;' onload='bool_PageLoaded = true; '>
<div class='query' style='width: 100%; padding-top: 0px;'>
<table class='layout' width='100%'>
<tr>
<td style='padding-bottom: 5px;' rowspan='2'><img src="/images/CornerLogo.gif" alt='[Cisco Systems]'></td>
<td> </td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('summary')" onmouseout="imgOff('summary')" href="/Summary/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_summary1.gif" alt="[Summary]" border=0 name="summary"></a></td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('idents')" onmouseout="imgOff('idents')" href="/Incidents/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_idents1.gif" alt="[Incidents]" border=0 name="idents"></a></td>
<td class='tight' style='vertical-align: bottom;'><a href="/Query/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_query2.gif" alt="[Query / Reports]" border=0 name="query"></a></td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('rules')" onmouseout="imgOff('rules')" href="/InspectionRules/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_rules1.gif" alt="[Rules]" border=0 name="rules"></a></td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('events')" onmouseout="imgOff('events')" href="/Management/Events/index.jsp?RemoveSessionForEvents=true&NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_events1.gif" alt="[Management]" border=0 name="events"></a></td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('admin')" onmouseout="imgOff('admin')" href="/Admin/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_admin1.gif" alt="[Admin]" border=0 name="admin"></a></td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('help')" onmouseout="imgOff('help')" href="/Help/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_help1.gif" alt="[Help]" border=0 name="help"></a></td>
</tr>
</table>
<table width='100%'>
<tr style='font-weight: bold;'>
<td class='BgMediumBorderGrey' onmouseover='this.className = "BgLightBorderGrey";' onmouseout='this.className = "BgMediumBorderGrey";' nowrap> <a class='menu' href="/Query/index.jsp?NewQuery=clearReport">Query</a> </td>
<td class='BgWhite' style='border-bottom: 1px solid #333333; width: 1px;'></td>
<td class='BgDarkBorderGrey' onmouseover='this.className = "BgLightBorderGrey";' onmouseout='this.className = "BgDarkBorderGrey";' nowrap> <a class='menu'href="/Report/BatchQuery.jsp">Batch Query</a> </td>
<td class='BgWhite' style='border-bottom: 1px solid #333333; width: 1px;'></td>
<td class='BgDarkBorderGrey' onmouseover='this.className = "BgLightBorderGrey";' onmouseout='this.className = "BgDarkBorderGrey";' nowrap> <a class='menu' href="/Report/">Report</a> </td>
<td class='BgWhite' style='border-bottom: 1px solid #333333; width: 1px;'></td>
<td class='BgDarkBorderGrey' colspan='4' width='100%' style='text-align: right;'>Aug 13, 2008 2:54:06 PM MSD </td>
</tr>
</table>
<table class='BgMedium' width='100%'>
<tr>
<td class='tight'><img src="/images/menu_images/pic_query.gif" alt="[Query / Reports]"></td>
<td class='header' style='text-align: left; vertical-align: middle; whitespace: nowrap;' nowrap>CS-MARS Standalone: pnmars v5.3</td>
<td style='width: 100%;'></td>
<td style='text-align: right; vertical-align: middle; whitespace: nowrap;' nowrap>Login: Yuriy, Grubov (grub) :: </td>
<td style='text-align: right; vertical-align: middle; whitespace: nowrap;' nowrap><button class='small' onclick="java script:window.open('/logout.jsp', '_top');">Logout</button> :: </td>
<td style='text-align: right; vertical-align: middle; whitespace: nowrap;' nowrap><button class='small' onclick="java script:PopupWithParams('/Shared/Popups/Activate.jsp', '');">Activate</button> </td>
</tr>
</table>
<br>
<div class='indent' style='width: 100%; text-align: right;'>
<form name='loadquery' style='display: inline; float: left;' action='/Query/index.jsp'>
<input type='hidden' name='operation' value='LoadQuery'>
<table border = '3' style='width: 60%'>
<tr><td><span class='header' >Load Report as On-Demand Query with Filter</span></td></tr>
<tr>
<td nowrap style='vertical-align: middle'>
<select name="chosenReportGroupId" onchange="if( this.options[this.selectedIndex].value == -1 ) return false; if( DirectFormSubmit('index.jsp', this.form) ) { this.form.submit(); }">
<option value='-1' selected>Select Group...</option>
<option value='0'>All</option>
<option value='1'>System Reports</option>
<option value='2'>User Reports</option>
<option value='-1'>--Report Groups--</option>
<option value='121516'>System: Access</option>
<option value='121528'>System: All Events - Aggregate View</option>
<option value='121522'>System: All Exploits - Aggregate View</option>
<option value='121530'>System: COBIT DS3.3 - Monitoring and Reporting</option>
<option value='121534'>System: COBIT DS5.10: Security Violations</option>
<option value='121535'>System: COBIT DS5.19: Malicious software</option>
<option value='121536'>System: COBIT DS5.20: Firewall control</option>
<option value='121531'>System: COBIT DS5.2: Authentication and Access</option>
<option value='121532'>System: COBIT DS5.4: User Account Changes</option>
<option value='121533'>System: COBIT DS5.7: Security Surveillance</option>
<option value='121537'>System: COBIT DS9.4: Configuraton Control</option>
<option value='121538'>System: COBIT DS9.5: Unauthorized Software</option>
<option value='121545'>System: CS-MARS Distributed Threat Mitigation (Cisco DTM)</option>
<option value='121529'>System: CS-MARS Incident Response</option>
<option value='121527'>System: CS-MARS Issue</option>
<option value='121520'>System: Client Exploits, Virus, Worm and Malware</option>
<option value='121541'>System: Configuration Changes</option>
<option value='121526'>System: Configuration Issue</option>
<option value='121518'>System: Database Server Activity</option>
<option value='121517'>System: Host Activity</option>
<option value='121523'>System: Network Attacks and DoS</option>
<option value='121544'>System: New Malware Outbreak (Cisco ICS)</option>
<option value='121542'>System: Operational Issue</option>
<option value='121515'>System: Reconnaissance</option>
<option value='121525'>System: Resource Issue</option>
<option value='121543'>System: Resource Usage</option>
<option value='121519'>System: Restricted Network Traffic</option>
<option value='121539'>System: SOX 302(a)(4)(A)</option>
<option value='121540'>System: SOX 302(a)(4)(D)</option>
<option value='121524'>System: Security Posture Compliance (Cisco NAC)</option>
<option value='121521'>System: Server Exploits</option>
</select>
</td>
</TR>
<TR>
<td>
<select name='ChosenReportId' onchange='if( !this.options[0].selected ) { this.form.submit(); }'>
<option value='0'>Select Report...</option>
<option value='121468'>Activity: AAA Based Access - All Events (Total View)</option>
<option value='121456'>Activity: AAA Based Access Failure - All Events (Total View)</option>
<option value='121506'>Activity: AAA Failed Auth - All Events (Total View)</option>
<option value='121508'>Activity: AAA Failed Auth - Top NADs (Total View)</option>
<option value='121510'>Activity: AAA Failed Auth - Top Users (Total View)</option>
<option value='121458'>Activity: Accounts Locked - All Events (Total View)</option>
<option value='121460'>Activity: Accounts Locked - Top Hosts (Total View)</option>
<option value='121256'>Activity: All - NAT Connections (Total View)</option>
<option value='121160'>Activity: All - Top Destination Ports (Peak View)</option>
<option value='121162'>Activity: All - Top Destinations (Peak View)</option>
<option value='121164'>Activity: All - Top Event Type Groups (Peak View)</option>
<option value='121166'>Activity: All - Top Event Types (Peak View)</option>
<option value='121258'>Activity: All - Top Reporting Device Types (Total View)</option>
<option value='121168'>Activity: All - Top Reporting Devices (Total View)</option>
<option value='121202'>Activity: All - Top Rules Fired (Peak View)</option>
<option value='121170'>Activity: All - Top Sources (Peak View)</option>
<option value='121246'>Activity: All - Top Users (Recent View)</option>
<option value='121302'>Activity: All Events and Netflow - Top Destination Ports (Peak View)</option>
<option value='121304'>Activity: All Sessions - Top Destination Ports by Bytes (Total View)</option>
<option value='121306'>Activity: All Sessions - Top Destinations by Bytes (Total View)</option>
<option value='121172'>Activity: Attacks Prevented - Top Reporting Devices (Total View)</option>
<option value='126053'>Activity: Attacks Prevented by Cisco IPS - All Events (Total View)</option>
<option value='126055'>Activity: Attacks Prevented by Cisco IPS - Top Event Types (Total View)</option>
<option value='121260'>Activity: Attacks Seen - Top Event Types (Total View)</option>
<option value='121174'>Activity: Attacks Seen - Top Reporting Devices (Total View)</option>
<option value='121248'>Activity: Backdoor - Top Destinations (Total View)</option>
<option value='121176'>Activity: Backdoor - Top Event Types (Total View)</option>
<option value='121262'>Activity: Backdoor - Top Hosts (Total View)</option>
<option value='126133'>Activity: CS-MARS Accepted Conflicting Certificates/Fingerprints (Total V...</option>
<option value='126131'>Activity: CS-MARS Accepted New Certificates/Fingerprints (Total View)</option>
<option value='194367'>Activity: CS-MARS Accounts Locked (Total View)</option>
<option value='194379'>Activity: CS-MARS Accounts Unlocked (Total View)</option>
<option value='194363'>Activity: CS-MARS Authentication Method Modifications (Total View)</option>
<option value='126135'>Activity: CS-MARS Detected Conflicting Certificates/Fingerprints (Total V...</option>
<option value='126139'>Activity: CS-MARS Device Connectivity Errors (Total View)</option>
<option value='126137'>Activity: CS-MARS Failure Saving Certificates/Fingerprints (Total View)</option>
<option value='121392'>Activity: CS-MARS Host Mitigation - Failure - All Events (Total View)</option>
<option value='121394'>Activity: CS-MARS Host Mitigation - Success - All Events (Total View)</option>
<option value='194373'>Activity: CS-MARS IPS Signature Update Failure - All Events (Total View)</option>
<option value='194369'>Activity: CS-MARS IPS Signature Update Success - All Events (Total View)</option>
<option value='194381'>Activity: CS-MARS LC-GC Communication Failures (Total View)</option>
<option value='194377'>Activity: CS-MARS LC-GC Communication Recovered (Total View)</option>
<option value='194375'>Activity: CS-MARS Login Failures (Total View)</option>
<option value='194371'>Activity: CS-MARS Successful Logins (Total View)</option>
<option value='194365'>Activity: CS-MARS pnadmin User Password Status (Total View)</option>
<option value='121326'>Activity: Database Login Failures - All Events (Total View)</option>
<option value='121328'>Activity: Database Login Failures - Top Servers (Total View)</option>
<option value='121470'>Activity: Database Login Failures - Top Users (Total View)</option>
<option value='121472'>Activity: Database Login Successes - All Events (Total View)</option>
<option value='121330'>Activity: Database Login Successes - Top Servers (Total View)</option>
<option value='121332'>Activity: Database Login Successes - Top Users (Total View)</option>
<option value='121334'>Activity: Database Object Modification Failures - All Events (Total View)</option>
<option value='121336'>Activity: Database Object Modification Failures - Top Users (Total View)</option>
<option value='121338'>Activity: Database Object Modification Successes - All Events (Total View)</option>
<option value='121340'>Activity: Database Object Modification Successes - Top Users (Total View)</option>
<option value='121342'>Activity: Database Privileged Command Failures - All Events (Total View)</option>
<option value='121346'>Activity: Database Privileged Command Failures - Top Users (Total View)</option>
<option value='121348'>Activity: Database Privileged Command Successes - All Events (Total View)</option>
<option value='121350'>Activity: Database Privileged Command Successes - Top Users (Total View)</option>
<option value='121354'>Activity: Database Regular Command Failures - All Events (Total View)</option>
<option value='121356'>Activity: Database Regular Command Failures - Top Users (Total View)</option>
<option value='121358'>Activity: Database Regular Command Successes - All Events (Total View)</option>
<option value='121360'>Activity: Database Regular Command Successes - Top Users (Total View)</option>
<option value='121362'>Activity: Database User/Group Change Failures - All Events (Total View)</option>
<option value='121364'>Activity: Database User/Group Change Failures - Top Users (Total View)</option>
<option value='121366'>Activity: Database User/Group Change Successes - All Events (Total View)</option>
<option value='121368'>Activity: Database User/Group Change Successes - Top Users (Total View)</option>
<option value='121178'>Activity: Denies - Top Destination Ports (Peak View)</option>
<option value='121180'>Activity: Denies - Top Destinations (Peak View)</option>
<option value='121182'>Activity: Denies - Top Sources (Total View)</option>
<option value='121396'>Activity: Host Admin Login Success - All Events (Total View)</option>
<option value='121386'>Activity: Host Login Failures - All Events (Total View)</option>
<option value='121264'>Activity: Host Login Failures - Top Destinations (Total View)</option>
<option value='121266'>Activity: Host Login Failures - Top Users (Total View)</option>
<option value='121390'>Activity: Host Login Success - All Events (Total View)</option>
<option value='121268'>Activity: Host Login Success - Top Host (Total View)</option>
<option value='121270'>Activity: Host Object Access - All Events (Total View)</option>
<option value='121398'>Activity: Host Privilege Escalation - All Events (Total View)</option>
<option value='121308'>Activity: Host Privilege Escalation - Top Hosts (Total View)</option>
<option value='121272'>Activity: Host Privileged Access - All Events (Total View)</option>
<option value='121474'>Activity: Host Process Tracking - All Events (Total View)</option>
<option value='121274'>Activity: Host Registry Changes - All Events (Total View)</option>
<option value='121276'>Activity: Host Registry Changes - Top Host (Total View)</option>
<option value='121444'>Activity: Host Security Policy Changes - All Events (Total View)</option>
<option value='121278'>Activity: Host Security Policy Changes - Top Host (Total View)</option>
<option value='121282'>Activity: Host System Events - All Events (Total View)</option>
<option value='121284'>Activity: Host User/Group Management - All Events (Total View)</option>
<option value='121286'>Activity: Host User/Group Management - Top hosts (Total View)</option>
<option value='121184'>Activity: IDS Evasion - Top Event Types (Total View)</option>
<option value='121450'>Activity: IOS IPS DTM Successful Signature Tuning - All Events (Total View)</option>
<option value='121250'>Activity: IRC - All Events (Total View)</option>
<option value='121400'>Activity: Inactive Reporting Device - Top Devices (Total View)</option>
<option value='121288'>Activity: Network Usage - Top Destination Ports (Total View)</option>
<option value='121402'>Activity: Network Usage - Top Destination Ports By Bytes (Total View)</option>
<option value='121404'>Activity: New Malware Discovered - All Events (Total View)</option>
<option value='121406'>Activity: New Malware Prevention Deployment Failure - All Events (Total V...</option>
<option value='121408'>Activity: New Malware Prevention Deployment Success - All Events (Total V...</option>
<option value='121410'>Activity: New Malware Traffic Match - All Events (Total View)</option>
<option value='121412'>Activity: New Malware Traffic Match - Top Sources (Total View)</option>
<option value='121414'>Activity: P2P Filesharing/Chat - All Events (Total View)</option>
<option value='121186'>Activity: P2P Filesharing/Chat - Top Event Types (Total View)</option>
<option value='121310'>Activity: P2P Filesharing/Chat - Top Hosts (Total View)</option>
<option value='121370'>Activity: Recreational - All Events (Total View)</option>
<option value='121312'>Activity: Recreational - Top Sources (Total View)</option>
<option value='121416'>Activity: Remote Access Login - All Events (Total View)</option>
<option value='121314'>Activity: Remote Access Login - Top User (Total View)</option>
<option value='121418'>Activity: Remote Access Login Failures - All Events (Total View)</option>
<option value='121188'>Activity: Scans - Top Destination Ports (Peak View)</option>
<option value='121190'>Activity: Scans - Top Destinations (Total View)</option>
<option value='121192'>Activity: Scans - Top Sources (Total View)</option>
<option value='121466'>Activity: Security Posture: Healthy - Top Users (Total View)</option>
<option value='121478'>Activity: Security Posture: NAC - Top NADs (Total View)</option>
<option value='121500'>Activity: Security Posture: NAC - Top NADs and Tokens (Total View)</option>
<option value='121480'>Activity: Security Posture: NAC - Top Tokens (Total View)</option>
<option value='121512'>Activity: Security Posture: NAC Agentless - Top Hosts (Total View)</option>
<option value='121514'>Activity: Security Posture: NAC Agentless - Top NADs (Total View)</option>
<option value='121502'>Activity: Security Posture: NAC Agentless - Top Tokens (Total View)</option>
<option value='121484'>Activity: Security Posture: NAC Audit Server Issues - All Events (Total V...</option>
<option value='121504'>Activity: Security Posture: NAC End Host Details - All Events (Total View)</option>
<option value='121486'>Activity: Security Posture: NAC Infected/Quarantine - All Events (Total V...</option>
<option value='121488'>Activity: Security Posture: NAC Infected/Quarantine - Top Hosts (Total View)</option>
<option value='121490'>Activity: Security Posture: NAC L2 802.1x - Top Tokens (Total View)</option>
<option value='121482'>Activity: Security Posture: NAC L2IP - Top Tokens (Total View)</option>
<option value='121492'>Activity: Security Posture: NAC Static Auth - Top Hosts (Total View)</option>
<option value='121494'>Activity: Security Posture: NAC Static Auth - Top NADs (Total View)</option>
<option value='121496'>Activity: Security Posture: NAC Status Query Failure - Top Hosts (Total V...</option>
<option value='121498'>Activity: Security Posture: Not Healthy - All Events (Total View)</option>
<option value='121388'>Activity: Spyware - All Events (Total View)</option>
<option value='121298'>Activity: Spyware - Top Hosts (Total View)</option>
<option value='121196'>Activity: Stealth Scans - Top Sources (Total View)</option>
<option value='121420'>Activity: Sudden Traffic Increase To Port - All Destinations (Total View)</option>
<option value='121422'>Activity: Sudden Traffic Increase To Port - All Sources (Total View)</option>
<option value='121424'>Activity: Uncommon or Anomalous Traffic - All Events (Total View)</option>
<option value='121194'>Activity: Unknown Events - All Events (Total View)</option>
<option value='121198'>Activity: Virus/Worms - Top Event Types (Total View)</option>
<option value='121316'>Activity: Virus/Worms - Top Infected Hosts (Total View)</option>
<option value='121344'>Activity: Virus: Detected - Top Users (Total View)</option>
<option value='121352'>Activity: Virus: Infections - Top Users (Total View)</option>
<option value='121428'>Activity: Vulnerable Host Found (Total View)</option>
<option value='121426'>Activity: Vulnerable Host Found via VA Scanner (Total View)</option>
<option value='121318'>Activity: Web Usage - Top Destinations by Bytes (Total View)</option>
<option value='121320'>Activity: Web Usage - Top Destinations by Sessions (Peak View)</option>
<option value='121200'>Activity: Web Usage - Top Sources (Peak View)</option>
<option value='121254'>Attacks: All - All Events (Total View)</option>
<option value='121280'>Attacks: All - Top Destinations (Total View)</option>
<option value='121252'>Attacks: All - Top Event Type Groups (Total View)</option>
<option value='121204'>Attacks: All - Top Sources (Peak View)</option>
<option value='121290'>Attacks: Client Exploits - Top Sources (Total View)</option>
<option value='121206'>Attacks: Database Server - Top Event Types (Total View)</option>
<option value='121208'>Attacks: FTP Server - Top Event Types (Total View)</option>
<option value='121210'>Attacks: Identity Spoofing - Top Event Types (Total View)</option>
<option value='121212'>Attacks: Login Services - Top Event Types (Total View)</option>
<option value='121214'>Attacks: Mail Server - Top Event Types (Total View)</option>
<option value='121216'>Attacks: Network DoS - Top Event Types (Total View)</option>
<option value='121430'>Attacks: Password - All Events (Total View)</option>
<option value='121292'>Attacks: Password - Top Destinations (Total View)</option>
<option value='121218'>Attacks: Password - Top Event Types (Total View)</option>
<option value='121462'>Attacks: Password: Locked Accounts - All Events (Total View)</option>
<option value='121464'>Attacks: Password: Restricted Times - All Events (Total View)</option>
<option value='121220'>Attacks: RPC Services - Top Event Types (Total View)</option>
<option value='121222'>Attacks: SANS Top 20 - Top Event Types (Total View)</option>
<option value='121224'>Attacks: SNMP - Top Event Types (Total View)</option>
<option value='121294'>Attacks: Uncommon or Anomalous Traffic - Top Event Types (Total View)</option>
<option value='121226'>Attacks: Virus/Worms - Top Sources (Total View)</option>
<option value='121228'>Attacks: Web Server/App - Top Event Types (Total View)</option>
<option value='121432'>Configuration Changes: Network - All Events (Total View)</option>
<option value='121230'>Configuration Changes: Network - Top Event Types (Total View)</option>
<option value='121434'>Configuration Changes: Server - All Events (Total View)</option>
<option value='121296'>Configuration Changes: Server - Top Event Types (Total View)</option>
<option value='121300'>Configuration Changes: Server - Top Reporting Devices (Total View)</option>
<option value='121436'>Configuration Issues: Network - All Events (Total View)</option>
<option value='121232'>Configuration Issues: Network - Top Reporting Devices (Total View)</option>
<option value='121438'>Configuration Issues: Server - All Events (Total View)</option>
<option value='121234'>Configuration Issues: Server - Top Reporting Devices (Total View)</option>
<option value='121452'>Connectivity Issue: IOS IPS DTM - All Events (Total View)</option>
<option value='122303'>Detailed NAC Report (Total View)</option>
<option value='207897'>New Report: Jul 17, 2008 5:23:09 PM MSD (Total View)</option>
<option value='121440'>Operational Issues: Network - All Events (Total View)</option>
<option value='121236'>Operational Issues: Network - Top Reporting Devices (Total View)</option>
<option value='121442'>Operational Issues: Server - All Events (Total View)</option>
<option value='121238'>Operational Issues: Server - Top Reporting Devices (Total View)</option>
<option value='122305'>Resource Issues: CS-MARS - All Events (Total View)</option>
<option value='121476'>Resource Issues: IOS IPS DTM - All Events (Total View)</option>
<option value='121454'>Resource Issues: IOS IPS DTM - Top Devices (Total View)</option>
<option value='121446'>Resource Issues: Network - All Events (Total View)</option>
<option value='121240'>Resource Issues: Network - Top Reporting Devices (Total View)</option>
<option value='121448'>Resource Issues: Server - All Events (Total View)</option>
<option value='121242'>Resource Issues: Server - Top Reporting Devices (Total View)</option>
</select></td>
</TR>
</table>
</form>
<br>
<div style='width: 100%; text-align: right;'>
<form name='incidents' style='display: inline; vertical-align: middle;' action='/Incidents/IncidentDetails.jsp' onsubmit='if( this.Incident_Id.value.search( /[^0-9]/ ) != -1 ) { alert( "Please enter only numeric characters in the ID field." ); return false; }
if( this.Incident_Id.value == 0 ) { alert( "Please enter a valid positive (non-zero) number in the ID field." ); return false; }
if( this.Incident_Id.value.length > 20 ) { alert( "Please enter a valid number of at most 20 digits in the ID field." ); return false; }
return true;'>
Incident ID:
<input type='text' class='textfield' name='Incident_Id' size='20' value=''>
<button type="submit" class='small'>Show</button>
</form><br>
<form name='sessions' style='display: inline; vertical-align: middle;' action='/Query/Session.jsp' onsubmit='if( this.SessionId.value.search( /[^0-9]/ ) != -1 ) { alert( "Please enter only numeric characters in the ID field." ); return false; }
if( this.SessionId.value == 0 ) { alert( "Please enter a valid positive (non-zero) number in the ID field." ); return false; }
if( this.SessionId.value.length > 20 ) { alert( "Please enter a valid number of at most 20 digits in the ID field." ); return false; }
return true;'>
Session ID:
<input type='text' class='textfield' name='SessionId' size='20' value=''>
<button type="submit" class='small'>Show</button>
</form>
</div>
</div>
<form name='newquery' id='newquery' style='display: inline;' width='100%'>
<input type='hidden' name='isLowLatency' id='isLowLatency' value='null'>
<br>
<div class='indent' style='width: 100%;'>
<span class='header'>Query Event Data</span><br>
Click the cells below to change query criteria:
<p>
<div class='BgLight' style='width: 100%;'>
<div class='padded' style='width: 100%;'>
<h2>
Query type:
<a href="/Query/NewQueryResult.jsp?QueryIndex=0&isLowLatency=no">
Event Types ranked by
Sessions, 0h:10m
</a>
<button type="submit" class='small' onclick="DirectFormSubmit( '/Query/NewQueryResult.jsp?isLowLatency=no', this.form );">Edit</button>
<button type="submit" class='small' onclick="DirectFormSubmit( '/Query/index.jsp?NewQuery=true', this.form );">Clear</button>
</h2>
<table style='width: 100%;'>
<tr>
<th >Source IP</th>
<th >Destination IP</th>
<th >Service</th>
<th >Events</th>
<th >Device</th>
<th >Reported User</th>
<th >Keyword</th>
<th >Operation</th>
<th >Rule</th>
<th >Action</th>
</tr>
<tr class='spacer'><td></td></tr>
<tr class='odd' align="center">
<td><a href="/Query/NewQuerySource.jsp?QueryIndex=0&isLowLatency=no">
ANY
</a>
</td>
<td><a href="/Query/NewQueryDest.jsp?QueryIndex=0&isLowLatency=no">
ANY
</a>
</td>
<td><a href="/Query/NewQueryService.jsp?QueryIndex=0&isLowLatency=no">
ANY
</a>
</td>
<td><a href="/Query/NewQueryEvent.jsp?QueryIndex=0&isLowLatency=no">
ANY
</a>
</td>
<td><a href="/Query/NewQueryDevice.jsp?QueryIndex=0&isLowLatency=no">
ANY
</a>
</td>
<td><a href="/Query/NewQueryReportedUser.jsp?QueryIndex=0&isLowLatency=no">
ANY
</a>
</td>
<td><a href="/Query/NewQueryKeywords.jsp?QueryIndex=0&isLowLatency=no">
ANY
</a>
</td>
<td><a href="/Query/NewQueryOperator.jsp?QueryIndex=0&isLowLatency=no">
None
</a>
</td>
<td rowspan='1'><a href="/Query/NewQueryRule.jsp?QueryIndex=0&isLowLatency=no">
ANY
</a>
</td>
<td rowspan='1'><a href="/Query/NewQueryAction.jsp?QueryIndex=0&isLowLatency=no">
ANY
</a>
</td>
</tr>
<tr>
<td>
<input
class="textfield" type="text" size="3" maxlength="36"
title="IP byte 1, or paste whole IP value here"
name="QuerySrcQuick1"
id="QuerySrcQuick1"
onKeyUp="ipAddressValidateFirst( this.form.QuerySrcQuick1, this.form.QuerySrcQuick2, this.form.QuerySrcQuick3, this.form.QuerySrcQuick4 )"
onFocus="this.form.QuerySrcQuick1.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 2"
name="QuerySrcQuick2"
id="QuerySrcQuick2"
onKeyUp="ipAddressValidate( this.form.QuerySrcQuick2, this.form.QuerySrcQuick3 )"
onFocus="this.form.QuerySrcQuick2.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 3"
name="QuerySrcQuick3"
id="QuerySrcQuick3"
onKeyUp="ipAddressValidate( this.form.QuerySrcQuick3, this.form.QuerySrcQuick4 )"
onFocus="this.form.QuerySrcQuick3.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 4"
name="QuerySrcQuick4"
id="QuerySrcQuick4"
onKeyUp="ipAddressValidate( this.form.QuerySrcQuick4, this.form.QueryDestQuick1 )"
onFocus="this.form.QuerySrcQuick4.select()"
>
</td>
<td>
<input
class="textfield" type="text" size="3" maxlength="36"
title="IP byte 1, or paste whole IP value here"
name="QueryDestQuick1"
id="QueryDestQuick1"
onKeyUp="ipAddressValidateFirst( this.form.QueryDestQuick1, this.form.QueryDestQuick2, this.form.QueryDestQuick3, this.form.QueryDestQuick4 )"
onFocus="this.form.QueryDestQuick1.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 2"
name="QueryDestQuick2"
id="QueryDestQuick2"
onKeyUp="ipAddressValidate( this.form.QueryDestQuick2, this.form.QueryDestQuick3 )"
onFocus="this.form.QueryDestQuick2.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 3"
name="QueryDestQuick3"
id="QueryDestQuick3"
onKeyUp="ipAddressValidate( this.form.QueryDestQuick3, this.form.QueryDestQuick4 )"
onFocus="this.form.QueryDestQuick3.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 4"
name="QueryDestQuick4"
id="QueryDestQuick4"
onKeyUp="ipAddressValidate( this.form.QueryDestQuick4, this.form.QuerySvcDestQuick )"
onFocus="this.form.QueryDestQuick4.select()"
>
</td>
<td>
<table class='layout'><tr><td><input type='text' class='textfield' name='QuerySvcDestQuick' size='8' value=''></td>
<td>
<select name='QuerySvcProtocolQuick'>
<option value='-2'>ANY</option>
<option value='6'>TCP</option>
<option value='17'>UDP</option>
<option value='1'>ICMP</option>
<option value='0'>IP</option>
</select>
</td></tr></table>
</td>
<td>
<button type="submit" class='small' onclick="DirectFormSubmit( '/Query/index.jsp', this.form ); return VerifyParen();">Apply</button>
</td>
</tr>
</table>
</div>
</div>
</div>
<br>
<div class='indent' style='width: 100%; text-align: right;'>
<input type="submit" value="Save As Report" class='button' name="button" onclick="DirectFormSubmit( '/Report/NewReportName.jsp', this.form ); return VerifyParen();">
<input type="submit" value="Save As Rule" class='button' name="button" onclick="DirectFormSubmit( '/Query/QueryRule.jsp', this.form ); return VerifyParen();">
<input type="submit" value="Submit Inline" class='button' name="button" onclick="DirectFormSubmit( '/Query/QuerySubmit.jsp?ResubmitAndClearPaging=true&InlineReport=1', this.form ); return VerifyParen();">
</div>
</form>
<script language='javascript'>
function CallRedirect()
{
}
function LocalUpgradeAlert()
{
alert( "The Global Controller has sent an upgrade message to your system.\nPlease save your work, as the system will be upgrading in a few minutes." );
}
</script>
<p>
<table class='layout' width='100%'>
<tr><td colspan='2' style='height: 1px; background: #666666;'></td></tr>
<tr><td colspan='2' style='height: 2px;'></td></tr>
<tr>
<td align='left'>Copyright © 2003–2007 Cisco Systems, Inc.<br>All rights reserved.</td>
<td style='text-align: right;'>
<a class='menu' href="/Summary/index.jsp?NewQuery=clearReport" target="_top">Summary</a> :: <a class='menu' href="/Incidents/index.jsp?NewQuery=clearReport" target="_top">Incidents</a> :: <a class='menu' href="/Query/index.jsp?NewQuery=clearReport" target="_top">Query / Reports</a> :: <a class='menu' href="/InspectionRules/index.jsp?NewQuery=clearReport" target="_top">Rules</a> :: <a class='menu' href="/Management/Events/index.jsp?RemoveSessionForEvents=true&NewQuery=clearReport" target="_top">Management</a> :: <a class='menu' href="/Admin/index.jsp?NewQuery=clearReport" target="_top">Admin</a> :: <a class='menu' href="/Help/index.jsp?NewQuery=clearReport" target="_top">Help</a>
</td>
</tr>
</table>
</div>
</body>
</html>
---------------------------------------------------------------------[code]
[code]---------------------------------------------------------------------
<html>
<head>
<title>[pnmars] Query</title>
<style>
<!--
@import "/Common/Menu/CssGui.css";
@import "/Common/Menu/CssMenu.jsp";
@import "/Common/Menu/CssBrowser.jsp";
@import "/Common/Menu/tree.css";
-->
</style>
<script src='/Script/query.js' LANGUAGE='JavaScript1.2' TYPE='text/javascript'></script>
<script src='/Script/shared.jsp' LANGUAGE='JavaScript1.2' TYPE='text/javascript'></script>
<script src='/Script/menu.js' LANGUAGE='JavaScript1.2' TYPE='text/javascript'></script>
<script src='/Script/tree.jsp' LANGUAGE='JavaScript1.2' TYPE='text/javascript'></script>
<script src='/Script/SelectWindowScript.jsp' LANGUAGE='JavaScript1.2' TYPE='text/javascript'></script>
</head>
<body style='width: 100%;' onload='bool_PageLoaded = true; '>
<div class='query' style='width: 100%; padding-top: 0px;'>
<table class='layout' width='100%'>
<tr>
<td style='padding-bottom: 5px;' rowspan='2'><img src="/images/CornerLogo.gif" alt='[Cisco Systems]'></td>
<td> </td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('summary')" onmouseout="imgOff('summary')" href="/Summary/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_summary1.gif" alt="[Summary]" border=0 name="summary"></a></td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('idents')" onmouseout="imgOff('idents')" href="/Incidents/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_idents1.gif" alt="[Incidents]" border=0 name="idents"></a></td>
<td class='tight' style='vertical-align: bottom;'><a href="/Query/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_query2.gif" alt="[Query / Reports]" border=0 name="query"></a></td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('rules')" onmouseout="imgOff('rules')" href="/InspectionRules/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_rules1.gif" alt="[Rules]" border=0 name="rules"></a></td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('events')" onmouseout="imgOff('events')" href="/Management/Events/index.jsp?RemoveSessionForEvents=true&NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_events1.gif" alt="[Management]" border=0 name="events"></a></td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('admin')" onmouseout="imgOff('admin')" href="/Admin/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_admin1.gif" alt="[Admin]" border=0 name="admin"></a></td>
<td class='tight' style='vertical-align: bottom;'><a onmouseover="imgOn('help')" onmouseout="imgOff('help')" href="/Help/index.jsp?NewQuery=clearReport" target="_top"><img src="/images/menu_images/nav_help1.gif" alt="[Help]" border=0 name="help"></a></td>
</tr>
</table>
<table width='100%'>
<tr style='font-weight: bold;'>
<td class='BgMediumBorderGrey' onmouseover='this.className = "BgLightBorderGrey";' onmouseout='this.className = "BgMediumBorderGrey";' nowrap> <a class='menu' href="/Query/index.jsp?NewQuery=clearReport">Query</a> </td>
<td class='BgWhite' style='border-bottom: 1px solid #333333; width: 1px;'></td>
<td class='BgDarkBorderGrey' onmouseover='this.className = "BgLightBorderGrey";' onmouseout='this.className = "BgDarkBorderGrey";' nowrap> <a class='menu'href="/Report/BatchQuery.jsp">Batch Query</a> </td>
<td class='BgWhite' style='border-bottom: 1px solid #333333; width: 1px;'></td>
<td class='BgDarkBorderGrey' onmouseover='this.className = "BgLightBorderGrey";' onmouseout='this.className = "BgDarkBorderGrey";' nowrap> <a class='menu' href="/Report/">Report</a> </td>
<td class='BgWhite' style='border-bottom: 1px solid #333333; width: 1px;'></td>
<td class='BgDarkBorderGrey' colspan='4' width='100%' style='text-align: right;'>Aug 13, 2008 2:54:07 PM MSD </td>
</tr>
</table>
<table class='BgMedium' width='100%'>
<tr>
<td class='tight'><img src="/images/menu_images/pic_query.gif" alt="[Query / Reports]"></td>
<td class='header' style='text-align: left; vertical-align: middle; whitespace: nowrap;' nowrap>CS-MARS Standalone: pnmars v5.3</td>
<td style='width: 100%;'></td>
<td style='text-align: right; vertical-align: middle; whitespace: nowrap;' nowrap>Login: Yuriy, Grubov (grub) :: </td>
<td style='text-align: right; vertical-align: middle; whitespace: nowrap;' nowrap><button class='small' onclick="java script:window.open('/logout.jsp', '_top');">Logout</button> :: </td>
<td style='text-align: right; vertical-align: middle; whitespace: nowrap;' nowrap><button class='small' onclick="java script:PopupWithParams('/Shared/Popups/Activate.jsp', '');">Activate</button> </td>
</tr>
</table>
<br>
<div class="BgLight" style="width: 100%;"
onmouseover="if (FindElementById( 'CurrentCaseButtonContainer' ) != null) FindElementById( 'CurrentCaseButtonContainer' ).style.display = 'block';"
onmouseout=" if (FindElementById( 'CurrentCaseButtonContainer' ) != null) FindElementById( 'CurrentCaseButtonContainer' ).style.display = 'none';"
>
<div class="padded" style="width: 100%;">
<table style="width: 100%">
<tr>
<td nowrap>
Select Case:
<form action="/Query/index.jsp?isLowLatency=null&QuerySrcQuick1=111&QuerySrcQuick2=111&QuerySrcQuick3=111&QuerySrcQuick4=111&QueryDestQuick1=&QueryDestQuick2=&QueryDestQuick3=&QueryDestQuick4=&QuerySvcDestQuick=&QuerySvcProtocolQuick=-2&button=Submit+Inline" method="POST" style="display: inline;">
<select name="SetCurrentCaseId" onchange="this.form.submit(); bool_CaseInfoChanged = true; " class='select'>
<option value='0'>No Case Selected...</option>
<option value='209326'>C:209326 (New) Первый список </option>
</select>
</form>
</td>
<td style="width: 100%;"></td>
<td>
<form action="/Incidents/Case/CaseList.jsp" method="POST" style="display: inline;">
<button class="small" type="submit">View Cases</button>
</form>
</td>
<td>
<input type="hidden" name="CaseAction" value="Create">
<button class="small" onclick='PopupWithParams("/Shared/Popups/CreateNewCase.jsp", "?isLowLatency=null&QuerySrcQuick1=111&QuerySrcQuick2=111&QuerySrcQuick3=111&QuerySrcQuick4=111&QueryDestQuick1=&QueryDestQuick2=&QueryDestQuick3=&QueryDestQuick4=&QuerySvcDestQuick=&QuerySvcProtocolQuick=-2&button=Submit+Inline&backuri=%2FQuery%2Findex.jsp%3FisLowLatency%3Dnull%26QuerySrcQuick1%3D111%26QuerySrcQuick2%3D111%26QuerySrcQuick3%3D111%26QuerySrcQuick4%3D111%26QueryDestQuick1%3D%26QueryDestQuick2%3D%26QueryDestQuick3%3D%26QueryDestQuick4%3D%26QuerySvcDestQuick%3D%26QuerySvcProtocolQuick%3D-2%26button%3DSubmit%2BInline");' type="submit">New Case</button>
</td>
</tr>
</table>
</div>
</div>
</form>
<script>
function check_add_case(this_form)
{
var flag = false;
var string = "";
if (( this_form.CaseNewSummary != undefined ) && ( verifySpecialCharectersLeftRightAngle(this_form.CaseNewSummary.value) ))
{
flag = true;
string = string + "Case Summary " + returnSpecialCharectersLeftRightAngleString() + "\n";
}
if (( this_form.CaseCommentText != undefined ) && ( verifySpecialCharectersLeftRightAngle(this_form.CaseCommentText.value) ))
{
flag = true;
string = string + "Case Comment " + returnSpecialCharectersLeftRightAngleString() + "\n";
}
if ( flag == true )
{
alert( string );
return false;
}
return true;
}
</script>
<br>
<div class='indent' style='width: 100%; text-align: right;'>
<form name='loadquery' style='display: inline; float: left;' action='/Query/index.jsp'>
<input type='hidden' name='operation' value='LoadQuery'>
<table border = '3' style='width: 60%'>
<tr><td><span class='header' >Load Report as On-Demand Query with Filter</span></td></tr>
<tr>
<td nowrap style='vertical-align: middle'>
<select name="chosenReportGroupId" onchange="if( this.options[this.selectedIndex].value == -1 ) return false; if( DirectFormSubmit('index.jsp', this.form) ) { this.form.submit(); }">
<option value='-1' selected>Select Group...</option>
<option value='0'>All</option>
<option value='1'>System Reports</option>
<option value='2'>User Reports</option>
<option value='-1'>--Report Groups--</option>
<option value='121516'>System: Access</option>
<option value='121528'>System: All Events - Aggregate View</option>
<option value='121522'>System: All Exploits - Aggregate View</option>
<option value='121530'>System: COBIT DS3.3 - Monitoring and Reporting</option>
<option value='121534'>System: COBIT DS5.10: Security Violations</option>
<option value='121535'>System: COBIT DS5.19: Malicious software</option>
<option value='121536'>System: COBIT DS5.20: Firewall control</option>
<option value='121531'>System: COBIT DS5.2: Authentication and Access</option>
<option value='121532'>System: COBIT DS5.4: User Account Changes</option>
<option value='121533'>System: COBIT DS5.7: Security Surveillance</option>
<option value='121537'>System: COBIT DS9.4: Configuraton Control</option>
<option value='121538'>System: COBIT DS9.5: Unauthorized Software</option>
<option value='121545'>System: CS-MARS Distributed Threat Mitigation (Cisco DTM)</option>
<option value='121529'>System: CS-MARS Incident Response</option>
<option value='121527'>System: CS-MARS Issue</option>
<option value='121520'>System: Client Exploits, Virus, Worm and Malware</option>
<option value='121541'>System: Configuration Changes</option>
<option value='121526'>System: Configuration Issue</option>
<option value='121518'>System: Database Server Activity</option>
<option value='121517'>System: Host Activity</option>
<option value='121523'>System: Network Attacks and DoS</option>
<option value='121544'>System: New Malware Outbreak (Cisco ICS)</option>
<option value='121542'>System: Operational Issue</option>
<option value='121515'>System: Reconnaissance</option>
<option value='121525'>System: Resource Issue</option>
<option value='121543'>System: Resource Usage</option>
<option value='121519'>System: Restricted Network Traffic</option>
<option value='121539'>System: SOX 302(a)(4)(A)</option>
<option value='121540'>System: SOX 302(a)(4)(D)</option>
<option value='121524'>System: Security Posture Compliance (Cisco NAC)</option>
<option value='121521'>System: Server Exploits</option>
</select>
</td>
</TR>
<TR>
<td>
<select name='ChosenReportId' onchange='if( !this.options[0].selected ) { this.form.submit(); }'>
<option value='0'>Select Report...</option>
<option value='121468'>Activity: AAA Based Access - All Events (Total View)</option>
<option value='121456'>Activity: AAA Based Access Failure - All Events (Total View)</option>
<option value='121506'>Activity: AAA Failed Auth - All Events (Total View)</option>
<option value='121508'>Activity: AAA Failed Auth - Top NADs (Total View)</option>
<option value='121510'>Activity: AAA Failed Auth - Top Users (Total View)</option>
<option value='121458'>Activity: Accounts Locked - All Events (Total View)</option>
<option value='121460'>Activity: Accounts Locked - Top Hosts (Total View)</option>
<option value='121256'>Activity: All - NAT Connections (Total View)</option>
<option value='121160'>Activity: All - Top Destination Ports (Peak View)</option>
<option value='121162'>Activity: All - Top Destinations (Peak View)</option>
<option value='121164'>Activity: All - Top Event Type Groups (Peak View)</option>
<option value='121166'>Activity: All - Top Event Types (Peak View)</option>
<option value='121258'>Activity: All - Top Reporting Device Types (Total View)</option>
<option value='121168'>Activity: All - Top Reporting Devices (Total View)</option>
<option value='121202'>Activity: All - Top Rules Fired (Peak View)</option>
<option value='121170'>Activity: All - Top Sources (Peak View)</option>
<option value='121246'>Activity: All - Top Users (Recent View)</option>
<option value='121302'>Activity: All Events and Netflow - Top Destination Ports (Peak View)</option>
<option value='121304'>Activity: All Sessions - Top Destination Ports by Bytes (Total View)</option>
<option value='121306'>Activity: All Sessions - Top Destinations by Bytes (Total View)</option>
<option value='121172'>Activity: Attacks Prevented - Top Reporting Devices (Total View)</option>
<option value='126053'>Activity: Attacks Prevented by Cisco IPS - All Events (Total View)</option>
<option value='126055'>Activity: Attacks Prevented by Cisco IPS - Top Event Types (Total View)</option>
<option value='121260'>Activity: Attacks Seen - Top Event Types (Total View)</option>
<option value='121174'>Activity: Attacks Seen - Top Reporting Devices (Total View)</option>
<option value='121248'>Activity: Backdoor - Top Destinations (Total View)</option>
<option value='121176'>Activity: Backdoor - Top Event Types (Total View)</option>
<option value='121262'>Activity: Backdoor - Top Hosts (Total View)</option>
<option value='126133'>Activity: CS-MARS Accepted Conflicting Certificates/Fingerprints (Total V...</option>
<option value='126131'>Activity: CS-MARS Accepted New Certificates/Fingerprints (Total View)</option>
<option value='194367'>Activity: CS-MARS Accounts Locked (Total View)</option>
<option value='194379'>Activity: CS-MARS Accounts Unlocked (Total View)</option>
<option value='194363'>Activity: CS-MARS Authentication Method Modifications (Total View)</option>
<option value='126135'>Activity: CS-MARS Detected Conflicting Certificates/Fingerprints (Total V...</option>
<option value='126139'>Activity: CS-MARS Device Connectivity Errors (Total View)</option>
<option value='126137'>Activity: CS-MARS Failure Saving Certificates/Fingerprints (Total View)</option>
<option value='121392'>Activity: CS-MARS Host Mitigation - Failure - All Events (Total View)</option>
<option value='121394'>Activity: CS-MARS Host Mitigation - Success - All Events (Total View)</option>
<option value='194373'>Activity: CS-MARS IPS Signature Update Failure - All Events (Total View)</option>
<option value='194369'>Activity: CS-MARS IPS Signature Update Success - All Events (Total View)</option>
<option value='194381'>Activity: CS-MARS LC-GC Communication Failures (Total View)</option>
<option value='194377'>Activity: CS-MARS LC-GC Communication Recovered (Total View)</option>
<option value='194375'>Activity: CS-MARS Login Failures (Total View)</option>
<option value='194371'>Activity: CS-MARS Successful Logins (Total View)</option>
<option value='194365'>Activity: CS-MARS pnadmin User Password Status (Total View)</option>
<option value='121326'>Activity: Database Login Failures - All Events (Total View)</option>
<option value='121328'>Activity: Database Login Failures - Top Servers (Total View)</option>
<option value='121470'>Activity: Database Login Failures - Top Users (Total View)</option>
<option value='121472'>Activity: Database Login Successes - All Events (Total View)</option>
<option value='121330'>Activity: Database Login Successes - Top Servers (Total View)</option>
<option value='121332'>Activity: Database Login Successes - Top Users (Total View)</option>
<option value='121334'>Activity: Database Object Modification Failures - All Events (Total View)</option>
<option value='121336'>Activity: Database Object Modification Failures - Top Users (Total View)</option>
<option value='121338'>Activity: Database Object Modification Successes - All Events (Total View)</option>
<option value='121340'>Activity: Database Object Modification Successes - Top Users (Total View)</option>
<option value='121342'>Activity: Database Privileged Command Failures - All Events (Total View)</option>
<option value='121346'>Activity: Database Privileged Command Failures - Top Users (Total View)</option>
<option value='121348'>Activity: Database Privileged Command Successes - All Events (Total View)</option>
<option value='121350'>Activity: Database Privileged Command Successes - Top Users (Total View)</option>
<option value='121354'>Activity: Database Regular Command Failures - All Events (Total View)</option>
<option value='121356'>Activity: Database Regular Command Failures - Top Users (Total View)</option>
<option value='121358'>Activity: Database Regular Command Successes - All Events (Total View)</option>
<option value='121360'>Activity: Database Regular Command Successes - Top Users (Total View)</option>
<option value='121362'>Activity: Database User/Group Change Failures - All Events (Total View)</option>
<option value='121364'>Activity: Database User/Group Change Failures - Top Users (Total View)</option>
<option value='121366'>Activity: Database User/Group Change Successes - All Events (Total View)</option>
<option value='121368'>Activity: Database User/Group Change Successes - Top Users (Total View)</option>
<option value='121178'>Activity: Denies - Top Destination Ports (Peak View)</option>
<option value='121180'>Activity: Denies - Top Destinations (Peak View)</option>
<option value='121182'>Activity: Denies - Top Sources (Total View)</option>
<option value='121396'>Activity: Host Admin Login Success - All Events (Total View)</option>
<option value='121386'>Activity: Host Login Failures - All Events (Total View)</option>
<option value='121264'>Activity: Host Login Failures - Top Destinations (Total View)</option>
<option value='121266'>Activity: Host Login Failures - Top Users (Total View)</option>
<option value='121390'>Activity: Host Login Success - All Events (Total View)</option>
<option value='121268'>Activity: Host Login Success - Top Host (Total View)</option>
<option value='121270'>Activity: Host Object Access - All Events (Total View)</option>
<option value='121398'>Activity: Host Privilege Escalation - All Events (Total View)</option>
<option value='121308'>Activity: Host Privilege Escalation - Top Hosts (Total View)</option>
<option value='121272'>Activity: Host Privileged Access - All Events (Total View)</option>
<option value='121474'>Activity: Host Process Tracking - All Events (Total View)</option>
<option value='121274'>Activity: Host Registry Changes - All Events (Total View)</option>
<option value='121276'>Activity: Host Registry Changes - Top Host (Total View)</option>
<option value='121444'>Activity: Host Security Policy Changes - All Events (Total View)</option>
<option value='121278'>Activity: Host Security Policy Changes - Top Host (Total View)</option>
<option value='121282'>Activity: Host System Events - All Events (Total View)</option>
<option value='121284'>Activity: Host User/Group Management - All Events (Total View)</option>
<option value='121286'>Activity: Host User/Group Management - Top hosts (Total View)</option>
<option value='121184'>Activity: IDS Evasion - Top Event Types (Total View)</option>
<option value='121450'>Activity: IOS IPS DTM Successful Signature Tuning - All Events (Total View)</option>
<option value='121250'>Activity: IRC - All Events (Total View)</option>
<option value='121400'>Activity: Inactive Reporting Device - Top Devices (Total View)</option>
<option value='121288'>Activity: Network Usage - Top Destination Ports (Total View)</option>
<option value='121402'>Activity: Network Usage - Top Destination Ports By Bytes (Total View)</option>
<option value='121404'>Activity: New Malware Discovered - All Events (Total View)</option>
<option value='121406'>Activity: New Malware Prevention Deployment Failure - All Events (Total V...</option>
<option value='121408'>Activity: New Malware Prevention Deployment Success - All Events (Total V...</option>
<option value='121410'>Activity: New Malware Traffic Match - All Events (Total View)</option>
<option value='121412'>Activity: New Malware Traffic Match - Top Sources (Total View)</option>
<option value='121414'>Activity: P2P Filesharing/Chat - All Events (Total View)</option>
<option value='121186'>Activity: P2P Filesharing/Chat - Top Event Types (Total View)</option>
<option value='121310'>Activity: P2P Filesharing/Chat - Top Hosts (Total View)</option>
<option value='121370'>Activity: Recreational - All Events (Total View)</option>
<option value='121312'>Activity: Recreational - Top Sources (Total View)</option>
<option value='121416'>Activity: Remote Access Login - All Events (Total View)</option>
<option value='121314'>Activity: Remote Access Login - Top User (Total View)</option>
<option value='121418'>Activity: Remote Access Login Failures - All Events (Total View)</option>
<option value='121188'>Activity: Scans - Top Destination Ports (Peak View)</option>
<option value='121190'>Activity: Scans - Top Destinations (Total View)</option>
<option value='121192'>Activity: Scans - Top Sources (Total View)</option>
<option value='121466'>Activity: Security Posture: Healthy - Top Users (Total View)</option>
<option value='121478'>Activity: Security Posture: NAC - Top NADs (Total View)</option>
<option value='121500'>Activity: Security Posture: NAC - Top NADs and Tokens (Total View)</option>
<option value='121480'>Activity: Security Posture: NAC - Top Tokens (Total View)</option>
<option value='121512'>Activity: Security Posture: NAC Agentless - Top Hosts (Total View)</option>
<option value='121514'>Activity: Security Posture: NAC Agentless - Top NADs (Total View)</option>
<option value='121502'>Activity: Security Posture: NAC Agentless - Top Tokens (Total View)</option>
<option value='121484'>Activity: Security Posture: NAC Audit Server Issues - All Events (Total V...</option>
<option value='121504'>Activity: Security Posture: NAC End Host Details - All Events (Total View)</option>
<option value='121486'>Activity: Security Posture: NAC Infected/Quarantine - All Events (Total V...</option>
<option value='121488'>Activity: Security Posture: NAC Infected/Quarantine - Top Hosts (Total View)</option>
<option value='121490'>Activity: Security Posture: NAC L2 802.1x - Top Tokens (Total View)</option>
<option value='121482'>Activity: Security Posture: NAC L2IP - Top Tokens (Total View)</option>
<option value='121492'>Activity: Security Posture: NAC Static Auth - Top Hosts (Total View)</option>
<option value='121494'>Activity: Security Posture: NAC Static Auth - Top NADs (Total View)</option>
<option value='121496'>Activity: Security Posture: NAC Status Query Failure - Top Hosts (Total V...</option>
<option value='121498'>Activity: Security Posture: Not Healthy - All Events (Total View)</option>
<option value='121388'>Activity: Spyware - All Events (Total View)</option>
<option value='121298'>Activity: Spyware - Top Hosts (Total View)</option>
<option value='121196'>Activity: Stealth Scans - Top Sources (Total View)</option>
<option value='121420'>Activity: Sudden Traffic Increase To Port - All Destinations (Total View)</option>
<option value='121422'>Activity: Sudden Traffic Increase To Port - All Sources (Total View)</option>
<option value='121424'>Activity: Uncommon or Anomalous Traffic - All Events (Total View)</option>
<option value='121194'>Activity: Unknown Events - All Events (Total View)</option>
<option value='121198'>Activity: Virus/Worms - Top Event Types (Total View)</option>
<option value='121316'>Activity: Virus/Worms - Top Infected Hosts (Total View)</option>
<option value='121344'>Activity: Virus: Detected - Top Users (Total View)</option>
<option value='121352'>Activity: Virus: Infections - Top Users (Total View)</option>
<option value='121428'>Activity: Vulnerable Host Found (Total View)</option>
<option value='121426'>Activity: Vulnerable Host Found via VA Scanner (Total View)</option>
<option value='121318'>Activity: Web Usage - Top Destinations by Bytes (Total View)</option>
<option value='121320'>Activity: Web Usage - Top Destinations by Sessions (Peak View)</option>
<option value='121200'>Activity: Web Usage - Top Sources (Peak View)</option>
<option value='121254'>Attacks: All - All Events (Total View)</option>
<option value='121280'>Attacks: All - Top Destinations (Total View)</option>
<option value='121252'>Attacks: All - Top Event Type Groups (Total View)</option>
<option value='121204'>Attacks: All - Top Sources (Peak View)</option>
<option value='121290'>Attacks: Client Exploits - Top Sources (Total View)</option>
<option value='121206'>Attacks: Database Server - Top Event Types (Total View)</option>
<option value='121208'>Attacks: FTP Server - Top Event Types (Total View)</option>
<option value='121210'>Attacks: Identity Spoofing - Top Event Types (Total View)</option>
<option value='121212'>Attacks: Login Services - Top Event Types (Total View)</option>
<option value='121214'>Attacks: Mail Server - Top Event Types (Total View)</option>
<option value='121216'>Attacks: Network DoS - Top Event Types (Total View)</option>
<option value='121430'>Attacks: Password - All Events (Total View)</option>
<option value='121292'>Attacks: Password - Top Destinations (Total View)</option>
<option value='121218'>Attacks: Password - Top Event Types (Total View)</option>
<option value='121462'>Attacks: Password: Locked Accounts - All Events (Total View)</option>
<option value='121464'>Attacks: Password: Restricted Times - All Events (Total View)</option>
<option value='121220'>Attacks: RPC Services - Top Event Types (Total View)</option>
<option value='121222'>Attacks: SANS Top 20 - Top Event Types (Total View)</option>
<option value='121224'>Attacks: SNMP - Top Event Types (Total View)</option>
<option value='121294'>Attacks: Uncommon or Anomalous Traffic - Top Event Types (Total View)</option>
<option value='121226'>Attacks: Virus/Worms - Top Sources (Total View)</option>
<option value='121228'>Attacks: Web Server/App - Top Event Types (Total View)</option>
<option value='121432'>Configuration Changes: Network - All Events (Total View)</option>
<option value='121230'>Configuration Changes: Network - Top Event Types (Total View)</option>
<option value='121434'>Configuration Changes: Server - All Events (Total View)</option>
<option value='121296'>Configuration Changes: Server - Top Event Types (Total View)</option>
<option value='121300'>Configuration Changes: Server - Top Reporting Devices (Total View)</option>
<option value='121436'>Configuration Issues: Network - All Events (Total View)</option>
<option value='121232'>Configuration Issues: Network - Top Reporting Devices (Total View)</option>
<option value='121438'>Configuration Issues: Server - All Events (Total View)</option>
<option value='121234'>Configuration Issues: Server - Top Reporting Devices (Total View)</option>
<option value='121452'>Connectivity Issue: IOS IPS DTM - All Events (Total View)</option>
<option value='122303'>Detailed NAC Report (Total View)</option>
<option value='207897'>New Report: Jul 17, 2008 5:23:09 PM MSD (Total View)</option>
<option value='121440'>Operational Issues: Network - All Events (Total View)</option>
<option value='121236'>Operational Issues: Network - Top Reporting Devices (Total View)</option>
<option value='121442'>Operational Issues: Server - All Events (Total View)</option>
<option value='121238'>Operational Issues: Server - Top Reporting Devices (Total View)</option>
<option value='122305'>Resource Issues: CS-MARS - All Events (Total View)</option>
<option value='121476'>Resource Issues: IOS IPS DTM - All Events (Total View)</option>
<option value='121454'>Resource Issues: IOS IPS DTM - Top Devices (Total View)</option>
<option value='121446'>Resource Issues: Network - All Events (Total View)</option>
<option value='121240'>Resource Issues: Network - Top Reporting Devices (Total View)</option>
<option value='121448'>Resource Issues: Server - All Events (Total View)</option>
<option value='121242'>Resource Issues: Server - Top Reporting Devices (Total View)</option>
</select></td>
</TR>
</table>
</form>
<br>
<div style='width: 100%; text-align: right;'>
<form name='incidents' style='display: inline; vertical-align: middle;' action='/Incidents/IncidentDetails.jsp' onsubmit='if( this.Incident_Id.value.search( /[^0-9]/ ) != -1 ) { alert( "Please enter only numeric characters in the ID field." ); return false; }
if( this.Incident_Id.value == 0 ) { alert( "Please enter a valid positive (non-zero) number in the ID field." ); return false; }
if( this.Incident_Id.value.length > 20 ) { alert( "Please enter a valid number of at most 20 digits in the ID field." ); return false; }
return true;'>
Incident ID:
<input type='text' class='textfield' name='Incident_Id' size='20' value=''>
<button type="submit" class='small'>Show</button>
</form><br>
<form name='sessions' style='display: inline; vertical-align: middle;' action='/Query/Session.jsp' onsubmit='if( this.SessionId.value.search( /[^0-9]/ ) != -1 ) { alert( "Please enter only numeric characters in the ID field." ); return false; }
if( this.SessionId.value == 0 ) { alert( "Please enter a valid positive (non-zero) number in the ID field." ); return false; }
if( this.SessionId.value.length > 20 ) { alert( "Please enter a valid number of at most 20 digits in the ID field." ); return false; }
return true;'>
Session ID:
<input type='text' class='textfield' name='SessionId' size='20' value=''>
<button type="submit" class='small'>Show</button>
</form>
</div>
</div>
<form name='newquery' id='newquery' style='display: inline;' width='100%'>
<input type='hidden' name='isLowLatency' id='isLowLatency' value='null'>
<br>
<div class='indent' style='width: 100%;'>
<span class='header'>Query Event Data</span><br>
Click the cells below to change query criteria:
<p>
<div class='BgLight' style='width: 100%;'>
<div class='padded' style='width: 100%;'>
<h2>
Query type:
<a href="/Query/NewQueryResult.jsp?QueryIndex=0&isLowLatency=null">
Event Types ranked by
Sessions, 0h:10m
</a>
<button type="submit" class='small' onclick="DirectFormSubmit( '/Query/NewQueryResult.jsp?isLowLatency=null', this.form );">Edit</button>
<button type="submit" class='small' onclick="DirectFormSubmit( '/Query/index.jsp?NewQuery=true', this.form );">Clear</button>
</h2>
<table style='width: 100%;'>
<tr>
<th >Source IP</th>
<th >Destination IP</th>
<th >Service</th>
<th >Events</th>
<th >Device</th>
<th >Reported User</th>
<th >Keyword</th>
<th >Operation</th>
<th >Rule</th>
<th >Action</th>
</tr>
<tr class='spacer'><td></td></tr>
<tr class='odd' align="center">
<td><a href="/Query/NewQuerySource.jsp?QueryIndex=0&isLowLatency=null">
111.111.111.111
</a>
</td>
<td><a href="/Query/NewQueryDest.jsp?QueryIndex=0&isLowLatency=null">
ANY
</a>
</td>
<td><a href="/Query/NewQueryService.jsp?QueryIndex=0&isLowLatency=null">
ANY
</a>
</td>
<td><a href="/Query/NewQueryEvent.jsp?QueryIndex=0&isLowLatency=null">
ANY
</a>
</td>
<td><a href="/Query/NewQueryDevice.jsp?QueryIndex=0&isLowLatency=null">
ANY
</a>
</td>
<td><a href="/Query/NewQueryReportedUser.jsp?QueryIndex=0&isLowLatency=null">
ANY
</a>
</td>
<td><a href="/Query/NewQueryKeywords.jsp?QueryIndex=0&isLowLatency=null">
ANY
</a>
</td>
<td><a href="/Query/NewQueryOperator.jsp?QueryIndex=0&isLowLatency=null">
None
</a>
</td>
<td rowspan='1'><a href="/Query/NewQueryRule.jsp?QueryIndex=0&isLowLatency=null">
ANY
</a>
</td>
<td rowspan='1'><a href="/Query/NewQueryAction.jsp?QueryIndex=0&isLowLatency=null">
ANY
</a>
</td>
</tr>
<tr>
<td>
<input
class="textfield" type="text" size="3" maxlength="36"
title="IP byte 1, or paste whole IP value here"
name="QuerySrcQuick1"
id="QuerySrcQuick1"
onKeyUp="ipAddressValidateFirst( this.form.QuerySrcQuick1, this.form.QuerySrcQuick2, this.form.QuerySrcQuick3, this.form.QuerySrcQuick4 )"
onFocus="this.form.QuerySrcQuick1.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 2"
name="QuerySrcQuick2"
id="QuerySrcQuick2"
onKeyUp="ipAddressValidate( this.form.QuerySrcQuick2, this.form.QuerySrcQuick3 )"
onFocus="this.form.QuerySrcQuick2.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 3"
name="QuerySrcQuick3"
id="QuerySrcQuick3"
onKeyUp="ipAddressValidate( this.form.QuerySrcQuick3, this.form.QuerySrcQuick4 )"
onFocus="this.form.QuerySrcQuick3.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 4"
name="QuerySrcQuick4"
id="QuerySrcQuick4"
onKeyUp="ipAddressValidate( this.form.QuerySrcQuick4, this.form.QueryDestQuick1 )"
onFocus="this.form.QuerySrcQuick4.select()"
>
</td>
<td>
<input
class="textfield" type="text" size="3" maxlength="36"
title="IP byte 1, or paste whole IP value here"
name="QueryDestQuick1"
id="QueryDestQuick1"
onKeyUp="ipAddressValidateFirst( this.form.QueryDestQuick1, this.form.QueryDestQuick2, this.form.QueryDestQuick3, this.form.QueryDestQuick4 )"
onFocus="this.form.QueryDestQuick1.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 2"
name="QueryDestQuick2"
id="QueryDestQuick2"
onKeyUp="ipAddressValidate( this.form.QueryDestQuick2, this.form.QueryDestQuick3 )"
onFocus="this.form.QueryDestQuick2.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 3"
name="QueryDestQuick3"
id="QueryDestQuick3"
onKeyUp="ipAddressValidate( this.form.QueryDestQuick3, this.form.QueryDestQuick4 )"
onFocus="this.form.QueryDestQuick3.select()"
>.<input
class="textfield" type="text" size="3" maxlength="4"
title="IP byte 4"
name="QueryDestQuick4"
id="QueryDestQuick4"
onKeyUp="ipAddressValidate( this.form.QueryDestQuick4, this.form.QuerySvcDestQuick )"
onFocus="this.form.QueryDestQuick4.select()"
>
</td>
<td>
<table class='layout'><tr><td><input type='text' class='textfield' name='QuerySvcDestQuick' size='8' value=''></td>
<td>
<select name='QuerySvcProtocolQuick'>
<option value='-2'>ANY</option>
<option value='6'>TCP</option>
<option value='17'>UDP</option>
<option value='1'>ICMP</option>
<option value='0'>IP</option>
</select>
</td></tr></table>
</td>
<td>
<button type="submit" class='small' onclick="DirectFormSubmit( '/Query/index.jsp', this.form ); return VerifyParen();">Apply</button>
</td>
</tr>
</table>
</div>
</div>
</div>
<br>
<div class='indent' style='width: 100%; text-align: right;'>
<input type="submit" value="Save As Report" class='button' name="button" onclick="DirectFormSubmit( '/Report/NewReportName.jsp', this.form ); return VerifyParen();">
<input type="submit" value="Save As Rule" class='button' name="button" onclick="DirectFormSubmit( '/Query/QueryRule.jsp', this.form ); return VerifyParen();">
<input type="submit" value="Submit Inline" class='button' name="button" onclick="DirectFormSubmit( '/Query/QuerySubmit.jsp?ResubmitAndClearPaging=true&InlineReport=1', this.form ); return VerifyParen();">
</div>
</form>
<script language='javascript'>
function CallRedirect()
{
}
function LocalUpgradeAlert()
{
alert( "The Global Controller has sent an upgrade message to your system.\nPlease save your work, as the system will be upgrading in a few minutes." );
}
</script>
<p>
<table class='layout' width='100%'>
<tr><td colspan='2' style='height: 1px; background: #666666;'></td></tr>
<tr><td colspan='2' style='height: 2px;'></td></tr>
<tr>
<td align='left'>Copyright © 2003–2007 Cisco Systems, Inc.<br>All rights reserved.</td>
<td style='text-align: right;'>
<a class='menu' href="/Summary/index.jsp?NewQuery=clearReport" target="_top">Summary</a> :: <a class='menu' href="/Incidents/index.jsp?NewQuery=clearReport" target="_top">Incidents</a> :: <a class='menu' href="/Query/index.jsp?NewQuery=clearReport" target="_top">Query / Reports</a> :: <a class='menu' href="/InspectionRules/index.jsp?NewQuery=clearReport" target="_top">Rules</a> :: <a class='menu' href="/Management/Events/index.jsp?RemoveSessionForEvents=true&NewQuery=clearReport" target="_top">Management</a> :: <a class='menu' href="/Admin/index.jsp?NewQuery=clearReport" target="_top">Admin</a> :: <a class='menu' href="/Help/index.jsp?NewQuery=clearReport" target="_top">Help</a>
</td>
</tr>
</table>
</div>
</body>
</html>
---------------------------------------------------------------------
