## Reading from google docs

test done with distilnetworks drive since imperva doesn't allow to create a Google Sheets API

https://docs.google.com/spreadsheets/d/10QCryRqYBlS-kE_ExHaGaSZU2JfS88BGcBss-KYr0Wk/edit#gid=0

In [1]:
import pandas as pd
from configparser import ConfigParser
import os
import pyathena

In [2]:
import pickle
from googleapiclient.discovery import build
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request

# If modifying these scopes, delete the file token.pickle.
SCOPES = ["https://www.googleapis.com/auth/spreadsheets"]

# The ID and range of a sample spreadsheet.
#SPREADSHEET_ID = '1UUp2TOeC4i2DaNT1FEzM6C-QfwHvP_32gJDisLvC0Ak' # presto attack alerting
SPREADSHEET_ID = '10QCryRqYBlS-kE_ExHaGaSZU2JfS88BGcBss-KYr0Wk' # athena attack alerting
RANGE_NAME = 'queries'

In [3]:
def retrieve_gservice():
    creds = None
    # The file token.pickle stores the user's access and refresh tokens, and is
    # created automatically when the authorization flow completes for the first
    # time.
    if os.path.exists('token.pickle'):
        with open('token.pickle', 'rb') as token:
            creds = pickle.load(token)

    # If there are no (valid) credentials available, let the user log in.
    if not creds or not creds.valid:
        if creds and creds.expired and creds.refresh_token:
            creds.refresh(Request())
        else:
            flow = InstalledAppFlow.from_client_secrets_file('credentials.json', SCOPES)
            creds = flow.run_local_server(port=0)
        # Save the credentials for the next run
        with open('token.pickle', 'wb') as token:
            pickle.dump(creds, token)

    return build('sheets', 'v4', credentials=creds)

In [4]:
# Call the Sheets API
def get_google_sheet(service, SPREADSHEET_ID, RANGE_NAME):
    sheet = service.spreadsheets()
    result = sheet.values().get(spreadsheetId=SPREADSHEET_ID, range=RANGE_NAME).execute()
    _values = result.get('values', [])

    return pd.DataFrame(_values[1:], columns=_values[0])

In [8]:
# Helper function to get the percentage in the right format
def _perc_to_float(perc):
    return float(perc.strip('%'))/100

In [11]:
try:
    _perc_to_float('asd')
except ValueError as e: 
    print(e)

could not convert string to float: 'asd'


In [6]:
service = retrieve_gservice()
df = get_google_sheet(service, SPREADSHEET_ID, RANGE_NAME)
df['perc_increase_float'] = df['perc_increase'].apply(_perc_to_float)

In [7]:
df

Unnamed: 0,name,domain,perc_increase,account_id,site_id,url,and_condition,note,attack_category,owner,tw_count,lw_count,perc_increase_float
0,first test attack alerting,www.realtor.com,5%,20f61841-e844-4532-8c08-dcd517daabb8,f44b7a05-3268-451b-ae56-79dddd9199c9,realestat,AND action is NULL,test to check if this works,,Emanuele,4,3,0.05
1,first test attack alerting,www.realtor.com,7%,20f61841-e844-4532-8c08-dcd517daabb8,f44b7a05-3268-451b-ae56-79dddd9199c9,realestateandhomes-detai,AND action is NULL,test to check if this works,,Emanuele,4,3,0.07


## Getting the data for the last 15 minutes
I need for each row the count of requests

In [8]:
def _get_connection_keys():
    config = ConfigParser()
    config.read(os.path.expanduser('~/.dpcfg.ini'))
    return dict(
            aws_access_key_id = config.get('athena','AccessKeyId'),
            aws_secret_access_key = config.get('athena','SecretAccessKey'),
            s3_staging_dir = 's3://aws-athena-query-results-724810233589-us-east-1',
            region_name = 'us-east-1'
            )

def _get_db_connection():
    keys = _get_connection_keys()
    return pyathena.connect(**keys)

def get_pandas_df(query):
    return pd.read_sql(query, _get_db_connection())

In [9]:
# Create a list of all queries
def _create_query_list(df):
    output_queries = []
    for row in df.iterrows():
        row_dict = row[1]
        # This week
        query_tw = f'''
                    SELECT COUNT(*)
                    FROM bon_log_prod.access
                    WHERE account_id = '{row_dict['account_id']}'
                      and site_id = '{row_dict['site_id']}'
                      and access_time > date_add('minute', - 60, NOW())  -- 60*24*7 + 60
                      and ds >= CAST(DATE(date_add('day', -1, NOW())) as VARCHAR) -- efficency, reduces the search scope
                      and regexp_like(request_path, '{row_dict['url']}') = true
                      {row_dict['and_condition']}
                      '''
        # Last week
        query_lw = f'''
                    SELECT COUNT(*)
                    FROM bon_log_prod.access
                    WHERE account_id = '{row_dict['account_id']}'
                      and site_id = '{row_dict['site_id']}'
                      and access_time > date_add('minute', - 10140, NOW())  -- 60*24*7 + 60
                      and access_time <= date_add('minute', - 10080, NOW()) -- 60*24*7
                      and ds >= CAST(DATE(date_add('day', -8, NOW())) as VARCHAR) -- efficency, reduces the search scope
                      and ds <= CAST(DATE(date_add('day', -6, NOW())) as VARCHAR) -- efficency, reduces the search scope
                      and regexp_like(request_path, '{row_dict['url']}') = true
                      {row_dict['and_condition']}
                      '''
        output_queries.append({'idx': row[0], 'tw': query_tw, 'lw': query_lw})
    return output_queries

In [11]:
def _get_data(query_dict):
    tw_count = get_pandas_df(query_dict['tw']).values[0][0]
    lw_count = get_pandas_df(query_dict['lw']).values[0][0]
    return {'tw_count' : tw_count,
            'lw_count' : lw_count,
            'idx' : query_dict['idx']}

In [None]:
# Add the queries formatted and convert the dataframe in useful format for the next function
query_dicts = _create_query_list(df)

# Parallelise, run multiple rows simultaneously
import multiprocessing as mp

pool = mp.Pool(mp.cpu_count())
results = [pool.apply(_get_data, args=[query_dict]) for query_dict in query_dicts]

In [None]:
results

In [None]:
# once done, add results to df
result_df = pd.DataFrame(results).set_index('idx')

In [23]:
sheet = service.spreadsheets()

In [36]:
values = [['test1']]
body = {'values': values}
my_range = 'A5'
result = sheet.values().update(spreadsheetId=SPREADSHEET_ID, 
                               range=my_range, 
                               body=body, 
                               valueInputOption='USER_ENTERED').execute()

In [132]:
result.

'"test"'

In [103]:
result_df

Unnamed: 0_level_0,tw_count,lw_count
idx,Unnamed: 1_level_1,Unnamed: 2_level_1
0,427953,426754
1,320774,321823


In [32]:
# Check logic


## Interacting with the Slack API

https://api.slack.com/apps

In [1]:
from utilities.slack_client import slack_API
slackAPI = slack_API()

https://hooks.slack.com/services/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


In [2]:
slackAPI.send_message('suca')

In [20]:
import os
import configparser

config = configparser.ConfigParser()
config.read(os.path.expanduser('~/.dpcfg.ini'))
WEBHOOK_URL= config.get('slack','WEBHOOK_URL'),
WEBHOOK_URL[0]

'https://hooks.slack.com/services/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'

In [9]:
def write_log2(line):
    logs = open("log.txt", "a+")
    logs.write(f"{line}\r\n")
    logs.close() 

In [13]:
def write_log(line):
    with open("log.txt", "a+") as logs:
        logs.write(f"{line}\r\n")

In [17]:
write_log('test2' + 'asd')

TypeError: decoding str is not supported

In [4]:
perc_increase= 0.05
tw_count= 1727
lw_count= 1340

In [5]:
tw_count+tw_count*perc_increase

1813.35

In [7]:
tw_count/lw_count*100-100

28.88059701492537