latest.php

<?php
/**
 * 
 */
public static function get_rule_logs( $query  ) {

  if (!isset($query['rule_id']) || !$query['rule_id']) {
      return [];
  }

  global $wpdb;

  $table_name = $wpdb->prefix . "logs WHERE 1=1 ";

  $query = 'SELECT * FROM '.$table_name;
  $args = [];

  if (isset($query['rule_id']) && $query['rule_id']) {
      $query .= ' AND rule_id = %d ';
      $args[] = $query['rule_id'];
  }

  if (isset($query['begin_date']) && $query['begin_date']) {
      $query .= ' AND datetime >= %s ';
      $args[] = $query['begin_date'];
  }

  if (isset($query['end_date']) && $query['end_date']) {
      $query .= ' AND datetime <= %s ';
      $args[] = $query['end_date'];
  }

  return $wpdb->get_results( $wpdb->prepare( $query , $args ) , ARRAY_A );
}

PS, haven't tested this. Just talking structure for now.

Line 7:
You should check if it's an array if ( !is_array( $query ) && ! isset( $query['rule_id'] ) && !$query['rule_id'] ) Also, you must change the OR for AND

Lines 13 to 15: simplify to one line $query = 'SELECT * FROM ' . $wpdb->prefix . 'logs';

Line 16: Add a new var $where = [];

Lines 19, 24 and 29, replace by $where[] = 'rule_id = %d' (use the proper field name and type

Before line 33: Check if you have a where:

if( count( 0 < $where ) ) {
  $query .= ' WHERE ' . implode( ' AND ', $where );
}
else {
   return [];  // If no valid fields return; however, sin you already checked that rule_id exists, you could remove this
}

Nice catch on 13-15, I was fatigued and missed that!

I'm still not sold on the implode versus append. I'm not sure there are savings.

Here's the current draft. I am about to bake in offset, limits, orderby and order direction.

/*
   *
 */
  public static function get_rule_logs( $query ) {

      global $wpdb;

      if (!is_array($query)) {
          return [];
      }

      /* build query - sanitize data */
      $query['page'] = (isset($query['page'])) ? (int) $query['page'] : 1;
      $query['limit'] = (isset($query['limit'])) ? (int) $query['limit'] : 1000;
      $query['offset'] = ( $query['page'] - 1 ) * $query['limit'];
      $query['order_by'] = (isset($query['order_by'])) ? sanitize_text_field( $query['order_by'] ) : 'id';
      $query['order_direction'] = (isset($query['order_direction'])) ? sanitize_text_field( $query['order_direction'] ) : 'DESC';
      $query['rule_id'] = (isset($query['rule_id'])) ? (int)  $query['rule_id'] : 0;
      $query['log_type'] = (isset($query['log_type'])) ? sanitize_text_field( $query['log_type'] ) : 'unknown';
      $query['begin_date'] = (isset($query['begin_date'])) ? sanitize_text_field( $query['begin_date'] ) : false;
      $query['end_date'] = (isset($query['end_date'])) ? sanitize_text_field( $query['end_date'] ) : false;

      $query_sql = 'SELECT * FROM '.$wpdb->prefix . "logs WHERE 1=1 ";
      $args= [];

      if (isset($query['rule_id']) && $query['rule_id']) {
          $query_sql.= ' AND rule_id = %d ';
          $args[] = $query['rule_id'];
      }

      if (isset($query['log_type']) && $query['log_type']) {
          $query_sql.= ' AND datetime >= %s ';
          $args[] = $query['log_type'];
      }

      if (isset($query['begin_date']) && $query['begin_date']) {
          $query_sql.= ' AND datetime >= %s ';
          $args[] = $query['begin_date'];
      }
      if (isset($query['end_date']) && $query['end_date']) {
          $query_sql.= ' AND datetime <= %s ';
          $args[] = $query['end_date'];
      }

      $query_sql .= ' ORDER BY %s %s ';
      $args[] = $query['order_by'];
      $args[] = $query['order_direction'];
      
      $query_sql .= ' LIMIT %d, %d ';
      $args[] = $query['offset'];
      $args[] = $query['limit'];

      return $wpdb->get_results( $wpdb->prepare( $query_sql, $args ) , ARRAY_A );
  }

The difference between append and implode is more visual :)

The dummy 1 = 1 looks horrible while the implode solution is more "object-oriented", but is just a personal taste