def build_athena_query_for_app_access_logs()

in source/log_parser/build_athena_queries.py [0:0]


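def build_athena_query_for_app_access_logs(
    log, log_type, database_name, table_name, end_timestamp,
        waf_block_period, error_threshold):
    """
    Build the Athena query that scans application access logs
    (CloudFront or ALB) for the last ``waf_block_period`` minutes.

    The query is assembled from three parts: the SELECT/FROM part
    (which depends on ``log_type``), the partition filter on
    year/month/day/hour, and the per-IP error-threshold aggregation.
    The parts are built one by one and concatenated into one query.

    Args:
        log: logging object
        log_type: string. 'CLOUDFRONT' selects the CloudFront query part;
            any other value is treated as ALB logs
        database_name: string. The Athena/Glue database name
        table_name: string. The Athena/Glue table name
        end_timestamp: datetime. The end time stamp of the logs being scanned
        waf_block_period: int. The period (in minutes) to block applicable IP addresses
        error_threshold: int. The maximum acceptable bad requests per minute per IP address

    Returns:
        Athena query string

    Note:
        The query text is built by plain string concatenation and this
        function applies no quoting or escaping, so ``database_name``,
        ``table_name`` and ``error_threshold`` are expected to come from
        trusted configuration (e.g. stack parameters), not from request
        data. Whether the part builders escape their inputs is not visible
        here — confirm before reusing them with other callers.
    """
    log.info(
        '[build_athena_query_for_app_access_logs] Start')

    # ------------------------------------------------
    log.debug(
        "[build_athena_query_for_app_access_logs] \
            Get start and end time stamps")
    # ------------------------------------------------
    # The scan window ends at end_timestamp and reaches back one block period.
    start_timestamp = end_timestamp - \
        datetime.timedelta(minutes=waf_block_period)
    # Lazy %-args: the message is only formatted if INFO is enabled.
    log.info(
        "[build_athena_query_for_app_access_logs]  \
            start time: %s; end time: %s",
        start_timestamp, end_timestamp)

    # -------------------------------------------------
    log.debug(
        "[build_athena_query_for_app_access_logs]  \
            Build query")
    # --------------------------------------------------
    # Part one (SELECT/FROM) differs per log source; anything that is not
    # CLOUDFRONT falls through to the ALB builder.
    if log_type == 'CLOUDFRONT':
        part_one = build_athena_query_part_one_for_cloudfront_logs(
            log, database_name, table_name)
    else:  # ALB logs
        part_one = build_athena_query_part_one_for_alb_logs(
            log, database_name, table_name)

    # Parts two (partition filter) and three (error-threshold aggregation)
    # are shared between log sources; join all three in order.
    query_string = "".join((
        part_one,
        build_athena_query_part_two_for_partition(
            log, start_timestamp, end_timestamp),
        build_athena_query_part_three_for_app_access_logs(
            log, error_threshold, start_timestamp, end_timestamp),
    ))

    log.info(
        "[build_athena_query_for_app_access_logs]  \
            Query string:\n %s", query_string)

    log.info(
        '[build_athena_query_for_app_access_logs] End')

    return query_string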