Google SecOps SDK for Python

Welcome to the documentation for the Google SecOps SDK for Python. This SDK provides a comprehensive interface for interacting with Google Security Operations products, currently supporting Chronicle/SecOps SIEM.

Overview

The Google SecOps SDK for Python wraps the API for common use cases, including:

• UDM searches

• Entity lookups

• IoCs management

• Alert management

• Case management

• Detection rule management

Getting Started

• Installation

• Authentication

• Quick Start

Core Features

• Chronicle Client

• Log Ingestion

• UDM Search

• IoCs Management

• Alert Management

• Case Management

• Detection Rules

• Entity Graph

• Retrohunts

CLI Reference

• Command Line Interface

• CLI Commands

Advanced Topics

• Proxy Configuration

• Regional Endpoints

• Error Handling

• Pagination

API Reference

• API Documentation

Contributing

• Contributing Guide

• Development Setup

• Changelog