Following shows mapping between SecOps REST Resource and SDK wrapper module and its respective CLI command (if available).
Note: All the REST resources mentioned have suffix projects.locations.instances.
- v1: 17 endpoints implemented
- v1beta: 98 endpoints implemented
- v1alpha: 203 endpoints implemented
| REST Resource | Version | secops-wrapper module | CLI Command |
|---|---|---|---|
| dataAccessLabels.create | v1 | ||
| dataAccessLabels.delete | v1 | ||
| dataAccessLabels.get | v1 | ||
| dataAccessLabels.list | v1 | ||
| dataAccessLabels.patch | v1 | ||
| dataAccessScopes.create | v1 | ||
| dataAccessScopes.delete | v1 | ||
| dataAccessScopes.get | v1 | ||
| dataAccessScopes.list | v1 | ||
| dataAccessScopes.patch | v1 | ||
| get | v1 | ||
| operations.cancel | v1 | ||
| operations.delete | v1 | ||
| operations.get | v1 | ||
| operations.list | v1 | ||
| referenceLists.create | v1 | chronicle.reference_list.create_reference_list | secops reference-list create |
| referenceLists.get | v1 | chronicle.reference_list.get_reference_list | secops reference-list get |
| referenceLists.list | v1 | chronicle.reference_list.list_reference_lists | secops reference-list list |
| referenceLists.patch | v1 | chronicle.reference_list.update_reference_list | secops reference-list update |
| rules.create | v1 | chronicle.rule.create_rule | secops rule create |
| rules.delete | v1 | chronicle.rule.delete_rule | secops rule delete |
| rules.deployments.list | v1 | ||
| rules.get | v1 | chronicle.rule.get_rule | secops rule get |
| rules.getDeployment | v1 | ||
| rules.list | v1 | chronicle.rule.list_rules | secops rule list |
| rules.listRevisions | v1 | ||
| rules.patch | v1 | chronicle.rule.update_rule | secops rule update |
| rules.retrohunts.create | v1 | chronicle.rule_retrohunt.create_retrohunt | secops rule-retrohunt create |
| rules.retrohunts.get | v1 | chronicle.rule_retrohunt.get_retrohunt | secops rule-retrohunt get |
| rules.retrohunts.list | v1 | chronicle.rule_retrohunt.list_retrohunts | secops rule-retrohunt list |
| rules.updateDeployment | v1 | chronicle.rule.enable_rule | secops rule enable |
| watchlists.create | v1 | chronicle.watchlist.create_watchlist | secops watchlist create |
| watchlists.delete | v1 | chronicle.watchlist.delete_watchlist | secops watchlist delete |
| watchlists.get | v1 | chronicle.watchlist.get_watchlist | secops watchlist get |
| watchlists.list | v1 | chronicle.watchlist.list_watchlists | secops watchlist list |
| watchlists.patch | v1 | chronicle.watchlist.update_watchlist | secops watchlist update |
| dataAccessLabels.create | v1beta | ||
| dataAccessLabels.delete | v1beta | ||
| dataAccessLabels.get | v1beta | ||
| dataAccessLabels.list | v1beta | ||
| dataAccessLabels.patch | v1beta | ||
| dataAccessScopes.create | v1beta | ||
| dataAccessScopes.delete | v1beta | ||
| dataAccessScopes.get | v1beta | ||
| dataAccessScopes.list | v1beta | ||
| dataAccessScopes.patch | v1beta | ||
| get | v1beta | ||
| integrations.create | v1beta | ||
| integrations.delete | v1beta | chronicle.soar.integration.integrations.delete_integration | secops integration integrations delete |
| integrations.download | v1beta | chronicle.soar.integration.integrations.download_integration | secops integration integrations download |
| integrations.downloadDependency | v1beta | chronicle.soar.integration.integrations.download_integration_dependency | secops integration integrations download-dependency |
| integrations.exportIntegrationItems | v1beta | chronicle.soar.integration.integrations.export_integration_items | secops integration integrations export-items |
| integrations.fetchAffectedItems | v1beta | chronicle.soar.integration.integrations.get_integration_affected_items | secops integration integrations get-affected-items |
| integrations.fetchAgentIntegrations | v1beta | chronicle.soar.integration.integrations.get_agent_integrations | secops integration integrations get-agent |
| integrations.fetchCommercialDiff | v1beta | chronicle.soar.integration.integrations.get_integration_diff | secops integration integrations get-diff |
| integrations.fetchDependencies | v1beta | chronicle.soar.integration.integrations.get_integration_dependencies | secops integration integrations get-dependencies |
| integrations.fetchRestrictedAgents | v1beta | chronicle.soar.integration.integrations.get_integration_restricted_agents | secops integration integrations get-restricted-agents |
| integrations.get | v1beta | chronicle.soar.integration.integrations.get_integration | secops integration integrations get |
| integrations.getFetchProductionDiff | v1beta | chronicle.soar.integration.integrations.get_integration_diff(diff_type=DiffType.PRODUCTION) | secops integration integrations get-diff |
| integrations.getFetchStagingDiff | v1beta | chronicle.soar.integration.integrations.get_integration_diff(diff_type=DiffType.STAGING) | secops integration integrations get-diff |
| integrations.import | v1beta | ||
| integrations.importIntegrationDependency | v1beta | ||
| integrations.importIntegrationItems | v1beta | ||
| integrations.list | v1beta | chronicle.soar.integration.integrations.list_integrations | secops integration integrations list |
| integrations.patch | v1beta | ||
| integrations.pushToProduction | v1beta | chronicle.soar.integration.integrations.transition_integration(target_mode=TargetMode.PRODUCTION) | secops integration integrations transition |
| integrations.pushToStaging | v1beta | chronicle.soar.integration.integrations.transition_integration(target_mode=TargetMode.STAGING) | secops integration integrations transition |
| integrations.updateCustomIntegration | v1beta | ||
| integrations.upload | v1beta | ||
| integrations.actions.create | v1beta | chronicle.soar.integration.actions.create_integration_action | secops integration actions create |
| integrations.actions.delete | v1beta | chronicle.soar.integration.actions.delete_integration_action | secops integration actions delete |
| integrations.actions.executeTest | v1beta | chronicle.soar.integration.actions.execute_integration_action_test | secops integration actions test |
| integrations.actions.fetchActionsByEnvironment | v1beta | chronicle.soar.integration.actions.get_integration_actions_by_environment | |
| integrations.actions.fetchTemplate | v1beta | chronicle.soar.integration.actions.get_integration_action_template | secops integration actions template |
| integrations.actions.get | v1beta | chronicle.soar.integration.actions.get_integration_action | secops integration actions get |
| integrations.actions.list | v1beta | chronicle.soar.integration.actions.list_integration_actions | secops integration actions list |
| integrations.actions.patch | v1beta | chronicle.soar.integration.actions.update_integration_action | secops integration actions update |
| integrations.actions.revisions.create | v1beta | chronicle.soar.integration.action_revisions.create_integration_action_revision | secops integration action-revisions create |
| integrations.actions.revisions.delete | v1beta | chronicle.soar.integration.action_revisions.delete_integration_action_revision | secops integration action-revisions delete |
| integrations.actions.revisions.list | v1beta | chronicle.soar.integration.action_revisions.list_integration_action_revisions | secops integration action-revisions list |
| integrations.actions.revisions.rollback | v1beta | chronicle.soar.integration.action_revisions.rollback_integration_action_revision | secops integration action-revisions rollback |
| integrations.connectors.create | v1beta | chronicle.soar.integration.connectors.create_integration_connector | secops integration connectors create |
| integrations.connectors.delete | v1beta | chronicle.soar.integration.connectors.delete_integration_connector | secops integration connectors delete |
| integrations.connectors.executeTest | v1beta | chronicle.soar.integration.connectors.execute_integration_connector_test | secops integration connectors test |
| integrations.connectors.fetchTemplate | v1beta | chronicle.soar.integration.connectors.get_integration_connector_template | secops integration connectors template |
| integrations.connectors.get | v1beta | chronicle.soar.integration.connectors.get_integration_connector | secops integration connectors get |
| integrations.connectors.list | v1beta | chronicle.soar.integration.connectors.list_integration_connectors | secops integration connectors list |
| integrations.connectors.patch | v1beta | chronicle.soar.integration.connectors.update_integration_connector | secops integration connectors update |
| integrations.connectors.revisions.create | v1beta | chronicle.soar.integration.connector_revisions.create_integration_connector_revision | secops integration connector-revisions create |
| integrations.connectors.revisions.delete | v1beta | chronicle.soar.integration.connector_revisions.delete_integration_connector_revision | secops integration connector-revisions delete |
| integrations.connectors.revisions.list | v1beta | chronicle.soar.integration.connector_revisions.list_integration_connector_revisions | secops integration connector-revisions list |
| integrations.connectors.revisions.rollback | v1beta | chronicle.soar.integration.connector_revisions.rollback_integration_connector_revision | secops integration connector-revisions rollback |
| integrations.connectors.contextProperties.clearAll | v1beta | chronicle.soar.integration.connector_context_properties.delete_all_connector_context_properties | secops integration connector-context-properties delete-all |
| integrations.connectors.contextProperties.create | v1beta | chronicle.soar.integration.connector_context_properties.create_connector_context_property | secops integration connector-context-properties create |
| integrations.connectors.contextProperties.delete | v1beta | chronicle.soar.integration.connector_context_properties.delete_connector_context_property | secops integration connector-context-properties delete |
| integrations.connectors.contextProperties.get | v1beta | chronicle.soar.integration.connector_context_properties.get_connector_context_property | secops integration connector-context-properties get |
| integrations.connectors.contextProperties.list | v1beta | chronicle.soar.integration.connector_context_properties.list_connector_context_properties | secops integration connector-context-properties list |
| integrations.connectors.contextProperties.patch | v1beta | chronicle.soar.integration.connector_context_properties.update_connector_context_property | secops integration connector-context-properties update |
| integrations.connectors.connectorInstances.logs.get | v1beta | chronicle.soar.integration.connector_instance_logs.get_connector_instance_log | secops integration connector-instance-logs get |
| integrations.connectors.connectorInstances.logs.list | v1beta | chronicle.soar.integration.connector_instance_logs.list_connector_instance_logs | secops integration connector-instance-logs list |
| integrations.connectors.connectorInstances.create | v1beta | chronicle.soar.integration.connector_instances.create_connector_instance | secops integration connector-instances create |
| integrations.connectors.connectorInstances.delete | v1beta | chronicle.soar.integration.connector_instances.delete_connector_instance | secops integration connector-instances delete |
| integrations.connectors.connectorInstances.fetchLatestDefinition | v1beta | chronicle.soar.integration.connector_instances.get_connector_instance_latest_definition | secops integration connector-instances get-latest-definition |
| integrations.connectors.connectorInstances.get | v1beta | chronicle.soar.integration.connector_instances.get_connector_instance | secops integration connector-instances get |
| integrations.connectors.connectorInstances.list | v1beta | chronicle.soar.integration.connector_instances.list_connector_instances | secops integration connector-instances list |
| integrations.connectors.connectorInstances.patch | v1beta | chronicle.soar.integration.connector_instances.update_connector_instance | secops integration connector-instances update |
| integrations.connectors.connectorInstances.runOnDemand | v1beta | chronicle.soar.integration.connector_instances.run_connector_instance_on_demand | secops integration connector-instances run-on-demand |
| integrations.connectors.connectorInstances.setLogsCollection | v1beta | chronicle.soar.integration.connector_instances.set_connector_instance_logs_collection | secops integration connector-instances set-logs-collection |
| integrations.integrationInstances.create | v1beta | chronicle.soar.integration.integration_instances.create_integration_instance | secops integration instances create |
| integrations.integrationInstances.delete | v1beta | chronicle.soar.integration.integration_instances.delete_integration_instance | secops integration instances delete |
| integrations.integrationInstances.executeTest | v1beta | chronicle.soar.integration.integration_instances.execute_integration_instance_test | secops integration instances test |
| integrations.integrationInstances.fetchAffectedItems | v1beta | chronicle.soar.integration.integration_instances.get_integration_instance_affected_items | secops integration instances get-affected-items |
| integrations.integrationInstances.fetchDefaultInstance | v1beta | chronicle.soar.integration.integration_instances.get_default_integration_instance | secops integration instances get-default |
| integrations.integrationInstances.get | v1beta | chronicle.soar.integration.integration_instances.get_integration_instance | secops integration instances get |
| integrations.integrationInstances.list | v1beta | chronicle.soar.integration.integration_instances.list_integration_instances | secops integration instances list |
| integrations.integrationInstances.patch | v1beta | chronicle.soar.integration.integration_instances.update_integration_instance | secops integration instances update |
| integrations.jobs.create | v1beta | chronicle.soar.integration.jobs.create_integration_job | secops integration jobs create |
| integrations.jobs.delete | v1beta | chronicle.soar.integration.jobs.delete_integration_job | secops integration jobs delete |
| integrations.jobs.executeTest | v1beta | chronicle.soar.integration.jobs.execute_integration_job_test | secops integration jobs test |
| integrations.jobs.fetchTemplate | v1beta | chronicle.soar.integration.jobs.get_integration_job_template | secops integration jobs template |
| integrations.jobs.get | v1beta | chronicle.soar.integration.jobs.get_integration_job | secops integration jobs get |
| integrations.jobs.list | v1beta | chronicle.soar.integration.jobs.list_integration_jobs | secops integration jobs list |
| integrations.jobs.patch | v1beta | chronicle.soar.integration.jobs.update_integration_job | secops integration jobs update |
| integrations.managers.create | v1beta | chronicle.soar.integration.managers.create_integration_manager | secops integration managers create |
| integrations.managers.delete | v1beta | chronicle.soar.integration.managers.delete_integration_manager | secops integration managers delete |
| integrations.managers.fetchTemplate | v1beta | chronicle.soar.integration.managers.get_integration_manager_template | secops integration managers template |
| integrations.managers.get | v1beta | chronicle.soar.integration.managers.get_integration_manager | secops integration managers get |
| integrations.managers.list | v1beta | chronicle.soar.integration.managers.list_integration_managers | secops integration managers list |
| integrations.managers.patch | v1beta | chronicle.soar.integration.managers.update_integration_manager | secops integration managers update |
| integrations.managers.revisions.create | v1beta | chronicle.soar.integration.manager_revisions.create_integration_manager_revision | secops integration manager-revisions create |
| integrations.managers.revisions.delete | v1beta | chronicle.soar.integration.manager_revisions.delete_integration_manager_revision | secops integration manager-revisions delete |
| integrations.managers.revisions.get | v1beta | chronicle.soar.integration.manager_revisions.get_integration_manager_revision | secops integration manager-revisions get |
| integrations.managers.revisions.list | v1beta | chronicle.soar.integration.manager_revisions.list_integration_manager_revisions | secops integration manager-revisions list |
| integrations.managers.revisions.rollback | v1beta | chronicle.soar.integration.manager_revisions.rollback_integration_manager_revision | secops integration manager-revisions rollback |
| integrations.jobs.revisions.create | v1beta | chronicle.soar.integration.job_revisions.create_integration_job_revision | secops integration job-revisions create |
| integrations.jobs.revisions.delete | v1beta | chronicle.soar.integration.job_revisions.delete_integration_job_revision | secops integration job-revisions delete |
| integrations.jobs.revisions.list | v1beta | chronicle.soar.integration.job_revisions.list_integration_job_revisions | secops integration job-revisions list |
| integrations.jobs.revisions.rollback | v1beta | chronicle.soar.integration.job_revisions.rollback_integration_job_revision | secops integration job-revisions rollback |
| integrations.jobs.jobInstances.create | v1beta | chronicle.soar.integration.job_instances.create_integration_job_instance | secops integration job-instances create |
| integrations.jobs.jobInstances.delete | v1beta | chronicle.soar.integration.job_instances.delete_integration_job_instance | secops integration job-instances delete |
| integrations.jobs.jobInstances.get | v1beta | chronicle.soar.integration.job_instances.get_integration_job_instance | secops integration job-instances get |
| integrations.jobs.jobInstances.list | v1beta | chronicle.soar.integration.job_instances.list_integration_job_instances | secops integration job-instances list |
| integrations.jobs.jobInstances.patch | v1beta | chronicle.soar.integration.job_instances.update_integration_job_instance | secops integration job-instances update |
| integrations.jobs.jobInstances.runOnDemand | v1beta | chronicle.soar.integration.job_instances.run_integration_job_instance_on_demand | secops integration job-instances run-on-demand |
| integrations.jobs.contextProperties.clearAll | v1beta | chronicle.soar.integration.job_context_properties.delete_all_job_context_properties | secops integration job-context-properties delete-all |
| integrations.jobs.contextProperties.create | v1beta | chronicle.soar.integration.job_context_properties.create_job_context_property | secops integration job-context-properties create |
| integrations.jobs.contextProperties.delete | v1beta | chronicle.soar.integration.job_context_properties.delete_job_context_property | secops integration job-context-properties delete |
| integrations.jobs.contextProperties.get | v1beta | chronicle.soar.integration.job_context_properties.get_job_context_property | secops integration job-context-properties get |
| integrations.jobs.contextProperties.list | v1beta | chronicle.soar.integration.job_context_properties.list_job_context_properties | secops integration job-context-properties list |
| integrations.jobs.contextProperties.patch | v1beta | chronicle.soar.integration.job_context_properties.update_job_context_property | secops integration job-context-properties update |
| integrations.jobs.jobInstances.logs.get | v1beta | chronicle.soar.integration.job_instance_logs.get_job_instance_log | secops integration job-instance-logs get |
| integrations.jobs.jobInstances.logs.list | v1beta | chronicle.soar.integration.job_instance_logs.list_job_instance_logs | secops integration job-instance-logs list |
| marketplaceIntegrations.get | v1beta | chronicle.marketplace_integrations.get_marketplace_integration | secops integration marketplace get |
| marketplaceIntegrations.getDiff | v1beta | chronicle.marketplace_integrations.get_marketplace_integration_diff | secops integration marketplace diff |
| marketplaceIntegrations.install | v1beta | chronicle.marketplace_integrations.install_marketplace_integration | secops integration marketplace install |
| marketplaceIntegrations.list | v1beta | chronicle.marketplace_integrations.list_marketplace_integrations | secops integration marketplace list |
| marketplaceIntegrations.uninstall | v1beta | chronicle.marketplace_integrations.uninstall_marketplace_integration | secops integration marketplace uninstall |
| operations.cancel | v1beta | ||
| operations.delete | v1beta | ||
| operations.get | v1beta | ||
| operations.list | v1beta | ||
| referenceLists.create | v1beta | ||
| referenceLists.get | v1beta | ||
| referenceLists.list | v1beta | ||
| referenceLists.patch | v1beta | ||
| rules.create | v1beta | ||
| rules.delete | v1beta | ||
| rules.deployments.list | v1beta | ||
| rules.get | v1beta | ||
| rules.getDeployment | v1beta | ||
| rules.list | v1beta | ||
| rules.listRevisions | v1beta | ||
| rules.patch | v1beta | ||
| rules.retrohunts.create | v1beta | ||
| rules.retrohunts.get | v1beta | ||
| rules.retrohunts.list | v1beta | ||
| rules.updateDeployment | v1beta | ||
| watchlists.create | v1beta | ||
| watchlists.delete | v1beta | ||
| watchlists.get | v1beta | ||
| watchlists.list | v1beta | ||
| watchlists.patch | v1beta | ||
| analytics.entities.analyticValues.list | v1alpha | ||
| analytics.list | v1alpha | ||
| batchValidateWatchlistEntities | v1alpha | ||
| bigQueryAccess.provide | v1alpha | ||
| bigQueryExport.provision | v1alpha | ||
| cases.countPriorities | v1alpha | ||
| contentHub.featuredContentRules.list | v1alpha | chronicle.featured_content_rules.list_featured_content_rules | secops featured-content-rules list |
| curatedRuleSetCategories.curatedRuleSets.curatedRuleSetDeployments.batchUpdate | v1alpha | chronicle.rule_set.batch_update_curated_rule_set_deployments | |
| curatedRuleSetCategories.curatedRuleSets.curatedRuleSetDeployments.patch | v1alpha | chronicle.rule_set.update_curated_rule_set_deployment | secops curated-rule rule-set-deployment update |
| curatedRuleSetCategories.curatedRuleSets.curatedRuleSetDeployments.list | v1alpha | chronicle.rule_set.list_curated_rule_set_deployments | secops curated-rule rule-set-deployment list |
| curatedRuleSetCategories.curatedRuleSets.curatedRuleSetDeployments.get | v1alpha | chronicle.rule_set.get_curated_rule_set_deployment chronicle.rule_set.get_curated_rule_set_deployment_by_name |
secops curated-rule rule-set-deployment get |
| curatedRuleSetCategories.curatedRuleSets.get | v1alpha | chronicle.rule_set.get_curated_rule_set | secops curated-rule rule-set get |
| curatedRuleSetCategories.curatedRuleSets.list | v1alpha | chronicle.rule_set.list_curated_rule_sets | secops curated-rule rule-set list |
| curatedRuleSetCategories.get | v1alpha | chronicle.rule_set.get_curated_rule_set_category | secops curated-rule rule-set-category get |
| curatedRuleSetCategories.list | v1alpha | chronicle.rule_set.list_curated_rule_set_categories | secops curated-rule rule-set-category list |
| curatedRules.get | v1alpha | chronicle.rule_set.get_curated_rule chronicle.rule_set.get_curated_rule_by_name |
secops curated-rule rule get |
| curatedRules.list | v1alpha | chronicle.rule_set.list_curated_rules | secops curated-rule rule list |
| dashboardCharts.batchGet | v1alpha | ||
| dashboardCharts.get | v1alpha | chronicle.dashboard.get_chart | secops dashboard get-chart |
| dashboardQueries.execute | v1alpha | chronicle.dashboard_query.execute_query | secops dashboard-query execute |
| dashboardQueries.get | v1alpha | chronicle.dashboard_query.get_execute_query | secops dashboard-query get |
| dashboards.copy | v1alpha | ||
| dashboards.create | v1alpha | ||
| dashboards.delete | v1alpha | ||
| dashboards.get | v1alpha | ||
| dashboards.list | v1alpha | ||
| dataAccessLabels.create | v1alpha | ||
| dataAccessLabels.delete | v1alpha | ||
| dataAccessLabels.get | v1alpha | ||
| dataAccessLabels.list | v1alpha | ||
| dataAccessLabels.patch | v1alpha | ||
| dataAccessScopes.create | v1alpha | ||
| dataAccessScopes.delete | v1alpha | ||
| dataAccessScopes.get | v1alpha | ||
| dataAccessScopes.list | v1alpha | ||
| dataAccessScopes.patch | v1alpha | ||
| dataExports.cancel | v1alpha | chronicle.data_export.cancel_data_export | secops export cancel |
| dataExports.create | v1alpha | chronicle.data_export.create_data_export | secops export create |
| dataExports.fetchavailablelogtypes | v1alpha | chronicle.data_export.fetch_available_log_types | secops export log-types |
| dataExports.get | v1alpha | chronicle.data_export.get_data_export | secops export status |
| dataExports.list | v1alpha | chronicle.data_export.list_data_export | secops export list |
| dataExports.patch | v1alpha | chronicle.data_export.update_data_export | secops export update |
| dataTableOperationErrors.get | v1alpha | ||
| dataTables.create | v1alpha | chronicle.data_table.create_data_table | secops data-table create |
| dataTables.dataTableRows.bulkCreate | v1alpha | chronicle.data_table.create_data_table_rows | secops data-table add-rows |
| dataTables.dataTableRows.bulkCreateAsync | v1alpha | ||
| dataTables.dataTableRows.bulkGet | v1alpha | ||
| dataTables.dataTableRows.bulkReplace | v1alpha | chronicle.data_table.replace_data_table_rows | secops data-table replace-rows |
| dataTables.dataTableRows.bulkReplaceAsync | v1alpha | ||
| dataTables.dataTableRows.bulkUpdate | v1alpha | chronicle.data_table.update_data_table_rows | secops data-table update-rows |
| dataTables.dataTableRows.bulkUpdateAsync | v1alpha | ||
| dataTables.dataTableRows.create | v1alpha | ||
| dataTables.dataTableRows.delete | v1alpha | chronicle.data_table.delete_data_table_rows | secops data-table delete-rows |
| dataTables.dataTableRows.get | v1alpha | ||
| dataTables.dataTableRows.list | v1alpha | chronicle.data_table.list_data_table_rows | secops data-table list-rows |
| dataTables.dataTableRows.patch | v1alpha | ||
| dataTables.delete | v1alpha | chronicle.data_table.delete_data_table | secops data-table delete |
| dataTables.get | v1alpha | chronicle.data_table.get_data_table | secops data-table get |
| dataTables.list | v1alpha | chronicle.data_table.list_data_tables | secops data-table list |
| dataTables.patch | v1alpha | ||
| dataTables.upload | v1alpha | ||
| dataTaps.create | v1alpha | ||
| dataTaps.delete | v1alpha | ||
| dataTaps.get | v1alpha | ||
| dataTaps.list | v1alpha | ||
| dataTaps.patch | v1alpha | ||
| delete | v1alpha | ||
| enrichmentControls.create | v1alpha | ||
| enrichmentControls.delete | v1alpha | ||
| enrichmentControls.get | v1alpha | ||
| enrichmentControls.list | v1alpha | ||
| entities.get | v1alpha | ||
| entities.import | v1alpha | chronicle.log_ingest.import_entities | secops entity import |
| entities.modifyEntityRiskScore | v1alpha | ||
| entities.queryEntityRiskScoreModifications | v1alpha | ||
| entityRiskScores.query | v1alpha | ||
| errorNotificationConfigs.create | v1alpha | ||
| errorNotificationConfigs.delete | v1alpha | ||
| errorNotificationConfigs.get | v1alpha | ||
| errorNotificationConfigs.list | v1alpha | ||
| errorNotificationConfigs.patch | v1alpha | ||
| events.batchGet | v1alpha | ||
| events.get | v1alpha | ||
| events.import | v1alpha | chronicle.log_ingest.ingest_udm | secops log ingest-udm |
| extractSyslog | v1alpha | ||
| federationGroups.create | v1alpha | ||
| federationGroups.delete | v1alpha | ||
| federationGroups.get | v1alpha | ||
| federationGroups.list | v1alpha | ||
| federationGroups.patch | v1alpha | ||
| feedPacks.get | v1alpha | ||
| feedPacks.list | v1alpha | ||
| feedServiceAccounts.fetchServiceAccountForCustomer | v1alpha | ||
| feedSourceTypeSchemas.list | v1alpha | ||
| feedSourceTypeSchemas.logTypeSchemas.list | v1alpha | ||
| feeds.create | v1alpha | chronicle.feeds.create_feed | secops feed create |
| feeds.delete | v1alpha | chronicle.feeds.delete_feed | secops feed delete |
| feeds.disable | v1alpha | chronicle.feeds.disable_feed | secops feed disable |
| feeds.enable | v1alpha | chronicle.feeds.enable_feed | secops feed enable |
| feeds.generateSecret | v1alpha | chronicle.feeds.generate_secret | secops feed secret |
| feeds.get | v1alpha | chronicle.feeds.get_feed | secops feed get |
| feeds.importPushLogs | v1alpha | ||
| feeds.list | v1alpha | chronicle.feeds.list_feeds | secops feed list |
| feeds.patch | v1alpha | chronicle.feeds.update_feed | secops feed update |
| feeds.scheduleTransfer | v1alpha | ||
| fetchFederationAccess | v1alpha | ||
| findEntity | v1alpha | ||
| findEntityAlerts | v1alpha | ||
| findRelatedEntities | v1alpha | ||
| findUdmFieldValues | v1alpha | ||
| findingsGraph.exploreNode | v1alpha | ||
| findingsGraph.initializeGraph | v1alpha | ||
| findingsRefinements.computeFindingsRefinementActivity | v1alpha | chronicle.rule_exclusion.compute_rule_exclusion_activity | secops rule-exclusion compute-activity |
| findingsRefinements.create | v1alpha | chronicle.rule_exclusion.create_rule_exclusion | secops rule-exclusion create |
| findingsRefinements.get | v1alpha | chronicle.rule_exclusion.get_rule_exclusion | secops rule-exclusion get |
| findingsRefinements.getDeployment | v1alpha | chronicle.rule_exclusion.get_rule_exclusion_deployment | secops rule-exclusion get-deployment |
| findingsRefinements.list | v1alpha | chronicle.rule_exclusion.list_rule_exclusions | secops rule-exclusion list |
| findingsRefinements.patch | v1alpha | chronicle.rule_exclusion.patch_rule_exclusion | secops rule-exclusion update |
| findingsRefinements.updateDeployment | v1alpha | chronicle.rule_exclusion.update_rule_exclusion_deployment | secops rule-exclusion update-deployment |
| forwarders.collectors.create | v1alpha | ||
| forwarders.collectors.delete | v1alpha | ||
| forwarders.collectors.get | v1alpha | ||
| forwarders.collectors.list | v1alpha | ||
| forwarders.collectors.patch | v1alpha | ||
| forwarders.create | v1alpha | chronicle.log_ingest.create_forwarder | secops forwarder create |
| forwarders.delete | v1alpha | chronicle.log_ingest.delete_forwarder | secops forwarder delete |
| forwarders.generateForwarderFiles | v1alpha | ||
| forwarders.get | v1alpha | chronicle.log_ingest.get_forwarder | secops forwarder get |
| forwarders.importStatsEvents | v1alpha | ||
| forwarders.list | v1alpha | chronicle.log_ingest.list_forwarder | secops forwarder list |
| forwarders.patch | v1alpha | chronicle.log_ingest.update_forwarder | secops forwarder update |
| generateCollectionAgentAuth | v1alpha | ||
| generateSoarAuthJwt | v1alpha | ||
| generateUdmKeyValueMappings | v1alpha | ||
| generateWorkspaceConnectionToken | v1alpha | ||
| get | v1alpha | ||
| getBigQueryExport | v1alpha | ||
| getMultitenantDirectory | v1alpha | ||
| getRiskConfig | v1alpha | ||
| ingestionLogLabels.get | v1alpha | ||
| ingestionLogLabels.list | v1alpha | ||
| ingestionLogNamespaces.get | v1alpha | ||
| ingestionLogNamespaces.list | v1alpha | ||
| integrations.create | v1alpha | ||
| integrations.delete | v1alpha | chronicle.soar.integration.integrations.delete_integration(api_version=APIVersion.V1ALPHA) | secops integration integrations delete |
| integrations.download | v1alpha | chronicle.soar.integration.integrations.download_integration(api_version=APIVersion.V1ALPHA) | secops integration integrations download |
| integrations.downloadDependency | v1alpha | chronicle.soar.integration.integrations.download_integration_dependency(api_version=APIVersion.V1ALPHA) | secops integration integrations download-dependency |
| integrations.exportIntegrationItems | v1alpha | chronicle.soar.integration.integrations.export_integration_items(api_version=APIVersion.V1ALPHA) | secops integration integrations export-items |
| integrations.fetchAffectedItems | v1alpha | chronicle.soar.integration.integrations.get_integration_affected_items(api_version=APIVersion.V1ALPHA) | secops integration integrations get-affected-items |
| integrations.fetchAgentIntegrations | v1alpha | chronicle.soar.integration.integrations.get_agent_integrations(api_version=APIVersion.V1ALPHA) | secops integration integrations get-agent |
| integrations.fetchCommercialDiff | v1alpha | chronicle.soar.integration.integrations.get_integration_diff(api_version=APIVersion.V1ALPHA) | secops integration integrations get-diff |
| integrations.fetchDependencies | v1alpha | chronicle.soar.integration.integrations.get_integration_dependencies(api_version=APIVersion.V1ALPHA) | secops integration integrations get-dependencies |
| integrations.fetchRestrictedAgents | v1alpha | chronicle.soar.integration.integrations.get_integration_restricted_agents(api_version=APIVersion.V1ALPHA) | secops integration integrations get-restricted-agents |
| integrations.get | v1alpha | chronicle.soar.integration.integrations.get_integration(api_version=APIVersion.V1ALPHA) | secops integration integrations get |
| integrations.getFetchProductionDiff | v1alpha | chronicle.soar.integration.integrations.get_integration_diff(api_version=APIVersion.V1ALPHA, diff_type=DiffType.PRODUCTION) | secops integration integrations get-diff |
| integrations.getFetchStagingDiff | v1alpha | chronicle.soar.integration.integrations.get_integration_diffapi_version=APIVersion.V1ALPHA, (diff_type=DiffType.STAGING) | secops integration integrations get-diff |
| integrations.import | v1alpha | ||
| integrations.importIntegrationDependency | v1alpha | ||
| integrations.importIntegrationItems | v1alpha | ||
| integrations.list | v1alpha | chronicle.soar.integration.integrations.list_integrations(api_version=APIVersion.V1ALPHA) | secops integration integrations list |
| integrations.patch | v1alpha | ||
| integrations.pushToProduction | v1alpha | chronicle.soar.integration.integrations.transition_integration(api_version=APIVersion.V1ALPHA, target_mode=TargetMode.PRODUCTION) | secops integration integrations transition |
| integrations.pushToStaging | v1alpha | chronicle.soar.integration.integrations.transition_integration(api_version=APIVersion.V1ALPHA, target_mode=TargetMode.STAGING) | secops integration integrations transition |
| integrations.updateCustomIntegration | v1alpha | ||
| integrations.upload | v1alpha | ||
| integrations.actions.create | v1alpha | chronicle.soar.integration.actions.create_integration_action(api_version=APIVersion.V1ALPHA) | secops integration actions create |
| integrations.actions.delete | v1alpha | chronicle.soar.integration.actions.delete_integration_action(api_version=APIVersion.V1ALPHA) | secops integration actions delete |
| integrations.actions.executeTest | v1alpha | chronicle.soar.integration.actions.execute_integration_action_test(api_version=APIVersion.V1ALPHA) | secops integration actions test |
| integrations.actions.fetchActionsByEnvironment | v1alpha | chronicle.soar.integration.actions.get_integration_actions_by_environment(api_version=APIVersion.V1ALPHA) | |
| integrations.actions.fetchTemplate | v1alpha | chronicle.soar.integration.actions.get_integration_action_template(api_version=APIVersion.V1ALPHA) | secops integration actions template |
| integrations.actions.get | v1alpha | chronicle.soar.integration.actions.get_integration_action(api_version=APIVersion.V1ALPHA) | secops integration actions get |
| integrations.actions.list | v1alpha | chronicle.soar.integration.actions.list_integration_actions(api_version=APIVersion.V1ALPHA) | secops integration actions list |
| integrations.actions.patch | v1alpha | chronicle.soar.integration.actions.update_integration_action(api_version=APIVersion.V1ALPHA) | secops integration actions update |
| integrations.actions.revisions.create | v1alpha | chronicle.soar.integration.action_revisions.create_integration_action_revision(api_version=APIVersion.V1ALPHA) | secops integration action-revisions create |
| integrations.actions.revisions.delete | v1alpha | chronicle.soar.integration.action_revisions.delete_integration_action_revision(api_version=APIVersion.V1ALPHA) | secops integration action-revisions delete |
| integrations.actions.revisions.list | v1alpha | chronicle.soar.integration.action_revisions.list_integration_action_revisions(api_version=APIVersion.V1ALPHA) | secops integration action-revisions list |
| integrations.actions.revisions.rollback | v1alpha | chronicle.soar.integration.action_revisions.rollback_integration_action_revision(api_version=APIVersion.V1ALPHA) | secops integration action-revisions rollback |
| integrations.connectors.create | v1alpha | chronicle.soar.integration.connectors.create_integration_connector(api_version=APIVersion.V1ALPHA) | secops integration connectors create |
| integrations.connectors.delete | v1alpha | chronicle.soar.integration.connectors.delete_integration_connector(api_version=APIVersion.V1ALPHA) | secops integration connectors delete |
| integrations.connectors.executeTest | v1alpha | chronicle.soar.integration.connectors.execute_integration_connector_test(api_version=APIVersion.V1ALPHA) | secops integration connectors test |
| integrations.connectors.fetchTemplate | v1alpha | chronicle.soar.integration.connectors.get_integration_connector_template(api_version=APIVersion.V1ALPHA) | secops integration connectors template |
| integrations.connectors.get | v1alpha | chronicle.soar.integration.connectors.get_integration_connector(api_version=APIVersion.V1ALPHA) | secops integration connectors get |
| integrations.connectors.list | v1alpha | chronicle.soar.integration.connectors.list_integration_connectors(api_version=APIVersion.V1ALPHA) | secops integration connectors list |
| integrations.connectors.patch | v1alpha | chronicle.soar.integration.connectors.update_integration_connector(api_version=APIVersion.V1ALPHA) | secops integration connectors update |
| integrations.connectors.revisions.create | v1alpha | chronicle.soar.integration.connector_revisions.create_integration_connector_revision(api_version=APIVersion.V1ALPHA) | secops integration connector-revisions create |
| integrations.connectors.revisions.delete | v1alpha | chronicle.soar.integration.connector_revisions.delete_integration_connector_revision(api_version=APIVersion.V1ALPHA) | secops integration connector-revisions delete |
| integrations.connectors.revisions.list | v1alpha | chronicle.soar.integration.connector_revisions.list_integration_connector_revisions(api_version=APIVersion.V1ALPHA) | secops integration connector-revisions list |
| integrations.connectors.revisions.rollback | v1alpha | chronicle.soar.integration.connector_revisions.rollback_integration_connector_revision(api_version=APIVersion.V1ALPHA) | secops integration connector-revisions rollback |
| integrations.connectors.contextProperties.clearAll | v1alpha | chronicle.soar.integration.connector_context_properties.delete_all_connector_context_properties(api_version=APIVersion.V1ALPHA) | secops integration connector-context-properties delete-all |
| integrations.connectors.contextProperties.create | v1alpha | chronicle.soar.integration.connector_context_properties.create_connector_context_property(api_version=APIVersion.V1ALPHA) | secops integration connector-context-properties create |
| integrations.connectors.contextProperties.delete | v1alpha | chronicle.soar.integration.connector_context_properties.delete_connector_context_property(api_version=APIVersion.V1ALPHA) | secops integration connector-context-properties delete |
| integrations.connectors.contextProperties.get | v1alpha | chronicle.soar.integration.connector_context_properties.get_connector_context_property(api_version=APIVersion.V1ALPHA) | secops integration connector-context-properties get |
| integrations.connectors.contextProperties.list | v1alpha | chronicle.soar.integration.connector_context_properties.list_connector_context_properties(api_version=APIVersion.V1ALPHA) | secops integration connector-context-properties list |
| integrations.connectors.contextProperties.patch | v1alpha | chronicle.soar.integration.connector_context_properties.update_connector_context_property(api_version=APIVersion.V1ALPHA) | secops integration connector-context-properties update |
| integrations.connectors.connectorInstances.logs.get | v1alpha | chronicle.soar.integration.connector_instance_logs.get_connector_instance_log(api_version=APIVersion.V1ALPHA) | secops integration connector-instance-logs get |
| integrations.connectors.connectorInstances.logs.list | v1alpha | chronicle.soar.integration.connector_instance_logs.list_connector_instance_logs(api_version=APIVersion.V1ALPHA) | secops integration connector-instance-logs list |
| integrations.connectors.connectorInstances.create | v1alpha | chronicle.soar.integration.connector_instances.create_connector_instance(api_version=APIVersion.V1ALPHA) | secops integration connector-instances create |
| integrations.connectors.connectorInstances.delete | v1alpha | chronicle.soar.integration.connector_instances.delete_connector_instance(api_version=APIVersion.V1ALPHA) | secops integration connector-instances delete |
| integrations.connectors.connectorInstances.fetchLatestDefinition | v1alpha | chronicle.soar.integration.connector_instances.get_connector_instance_latest_definition(api_version=APIVersion.V1ALPHA) | secops integration connector-instances get-latest-definition |
| integrations.connectors.connectorInstances.get | v1alpha | chronicle.soar.integration.connector_instances.get_connector_instance(api_version=APIVersion.V1ALPHA) | secops integration connector-instances get |
| integrations.connectors.connectorInstances.list | v1alpha | chronicle.soar.integration.connector_instances.list_connector_instances(api_version=APIVersion.V1ALPHA) | secops integration connector-instances list |
| integrations.connectors.connectorInstances.patch | v1alpha | chronicle.soar.integration.connector_instances.update_connector_instance(api_version=APIVersion.V1ALPHA) | secops integration connector-instances update |
| integrations.connectors.connectorInstances.runOnDemand | v1alpha | chronicle.soar.integration.connector_instances.run_connector_instance_on_demand(api_version=APIVersion.V1ALPHA) | secops integration connector-instances run-on-demand |
| integrations.connectors.connectorInstances.setLogsCollection | v1alpha | chronicle.soar.integration.connector_instances.set_connector_instance_logs_collection(api_version=APIVersion.V1ALPHA) | secops integration connector-instances set-logs-collection |
| integrations.integrationInstances.create | v1alpha | chronicle.soar.integration.integration_instances.create_integration_instance(api_version=APIVersion.V1ALPHA) | secops integration instances create |
| integrations.integrationInstances.delete | v1alpha | chronicle.soar.integration.integration_instances.delete_integration_instance(api_version=APIVersion.V1ALPHA) | secops integration instances delete |
| integrations.integrationInstances.executeTest | v1alpha | chronicle.soar.integration.integration_instances.execute_integration_instance_test(api_version=APIVersion.V1ALPHA) | secops integration instances test |
| integrations.integrationInstances.fetchAffectedItems | v1alpha | chronicle.soar.integration.integration_instances.get_integration_instance_affected_items(api_version=APIVersion.V1ALPHA) | secops integration instances get-affected-items |
| integrations.integrationInstances.fetchDefaultInstance | v1alpha | chronicle.soar.integration.integration_instances.get_default_integration_instance(api_version=APIVersion.V1ALPHA) | secops integration instances get-default |
| integrations.integrationInstances.get | v1alpha | chronicle.soar.integration.integration_instances.get_integration_instance(api_version=APIVersion.V1ALPHA) | secops integration instances get |
| integrations.integrationInstances.list | v1alpha | chronicle.soar.integration.integration_instances.list_integration_instances(api_version=APIVersion.V1ALPHA) | secops integration instances list |
| integrations.integrationInstances.patch | v1alpha | chronicle.soar.integration.integration_instances.update_integration_instance(api_version=APIVersion.V1ALPHA) | secops integration instances update |
| integrations.transformers.create | v1alpha | chronicle.soar.integration.transformers.create_integration_transformer | secops integration transformers create |
| integrations.transformers.delete | v1alpha | chronicle.soar.integration.transformers.delete_integration_transformer | secops integration transformers delete |
| integrations.transformers.executeTest | v1alpha | chronicle.soar.integration.transformers.execute_integration_transformer_test | secops integration transformers test |
| integrations.transformers.fetchTemplate | v1alpha | chronicle.soar.integration.transformers.get_integration_transformer_template | secops integration transformers template |
| integrations.transformers.get | v1alpha | chronicle.soar.integration.transformers.get_integration_transformer | secops integration transformers get |
| integrations.transformers.list | v1alpha | chronicle.soar.integration.transformers.list_integration_transformers | secops integration transformers list |
| integrations.transformers.patch | v1alpha | chronicle.soar.integration.transformers.update_integration_transformer | secops integration transformers update |
| integrations.transformers.revisions.create | v1alpha | chronicle.soar.integration.transformer_revisions.create_integration_transformer_revision | secops integration transformer-revisions create |
| integrations.transformers.revisions.delete | v1alpha | chronicle.soar.integration.transformer_revisions.delete_integration_transformer_revision | secops integration transformer-revisions delete |
| integrations.transformers.revisions.list | v1alpha | chronicle.soar.integration.transformer_revisions.list_integration_transformer_revisions | secops integration transformer-revisions list |
| integrations.transformers.revisions.rollback | v1alpha | chronicle.soar.integration.transformer_revisions.rollback_integration_transformer_revision | secops integration transformer-revisions rollback |
| integrations.logicalOperators.create | v1alpha | chronicle.soar.integration.logical_operators.create_integration_logical_operator | secops integration logical-operators create |
| integrations.logicalOperators.delete | v1alpha | chronicle.soar.integration.logical_operators.delete_integration_logical_operator | secops integration logical-operators delete |
| integrations.logicalOperators.executeTest | v1alpha | chronicle.soar.integration.logical_operators.execute_integration_logical_operator_test | secops integration logical-operators test |
| integrations.logicalOperators.fetchTemplate | v1alpha | chronicle.soar.integration.logical_operators.get_integration_logical_operator_template | secops integration logical-operators template |
| integrations.logicalOperators.get | v1alpha | chronicle.soar.integration.logical_operators.get_integration_logical_operator | secops integration logical-operators get |
| integrations.logicalOperators.list | v1alpha | chronicle.soar.integration.logical_operators.list_integration_logical_operators | secops integration logical-operators list |
| integrations.logicalOperators.patch | v1alpha | chronicle.soar.integration.logical_operators.update_integration_logical_operator | secops integration logical-operators update |
| integrations.logicalOperators.revisions.create | v1alpha | chronicle.soar.integration.logical_operator_revisions.create_integration_logical_operator_revision | secops integration logical-operator-revisions create |
| integrations.logicalOperators.revisions.delete | v1alpha | chronicle.soar.integration.logical_operator_revisions.delete_integration_logical_operator_revision | secops integration logical-operator-revisions delete |
| integrations.logicalOperators.revisions.list | v1alpha | chronicle.soar.integration.logical_operator_revisions.list_integration_logical_operator_revisions | secops integration logical-operator-revisions list |
| integrations.logicalOperators.revisions.rollback | v1alpha | chronicle.soar.integration.logical_operator_revisions.rollback_integration_logical_operator_revision | secops integration logical-operator-revisions rollback |
| integrations.jobs.create | v1alpha | chronicle.soar.integration.jobs.create_integration_job(api_version=APIVersion.V1ALPHA) | secops integration jobs create |
| integrations.jobs.delete | v1alpha | chronicle.soar.integration.jobs.delete_integration_job(api_version=APIVersion.V1ALPHA) | secops integration jobs delete |
| integrations.jobs.executeTest | v1alpha | chronicle.soar.integration.jobs.execute_integration_job_test(api_version=APIVersion.V1ALPHA) | secops integration jobs test |
| integrations.jobs.fetchTemplate | v1alpha | chronicle.soar.integration.jobs.get_integration_job_template(api_version=APIVersion.V1ALPHA) | secops integration jobs template |
| integrations.jobs.get | v1alpha | chronicle.soar.integration.jobs.get_integration_job(api_version=APIVersion.V1ALPHA) | secops integration jobs get |
| integrations.jobs.list | v1alpha | chronicle.soar.integration.jobs.list_integration_jobs(api_version=APIVersion.V1ALPHA) | secops integration jobs list |
| integrations.jobs.patch | v1alpha | chronicle.soar.integration.jobs.update_integration_job(api_version=APIVersion.V1ALPHA) | secops integration jobs update |
| integrations.managers.create | v1alpha | chronicle.soar.integration.managers.create_integration_manager(api_version=APIVersion.V1ALPHA) | secops integration managers create |
| integrations.managers.delete | v1alpha | chronicle.soar.integration.managers.delete_integration_manager(api_version=APIVersion.V1ALPHA) | secops integration managers delete |
| integrations.managers.fetchTemplate | v1alpha | chronicle.soar.integration.managers.get_integration_manager_template(api_version=APIVersion.V1ALPHA) | secops integration managers template |
| integrations.managers.get | v1alpha | chronicle.soar.integration.managers.get_integration_manager(api_version=APIVersion.V1ALPHA) | secops integration managers get |
| integrations.managers.list | v1alpha | chronicle.soar.integration.managers.list_integration_managers(api_version=APIVersion.V1ALPHA) | secops integration managers list |
| integrations.managers.patch | v1alpha | chronicle.soar.integration.managers.update_integration_manager(api_version=APIVersion.V1ALPHA) | secops integration managers update |
| integrations.managers.revisions.create | v1alpha | chronicle.soar.integration.manager_revisions.create_integration_manager_revision(api_version=APIVersion.V1ALPHA) | secops integration manager-revisions create |
| integrations.managers.revisions.delete | v1alpha | chronicle.soar.integration.manager_revisions.delete_integration_manager_revision(api_version=APIVersion.V1ALPHA) | secops integration manager-revisions delete |
| integrations.managers.revisions.get | v1alpha | chronicle.soar.integration.manager_revisions.get_integration_manager_revision(api_version=APIVersion.V1ALPHA) | secops integration manager-revisions get |
| integrations.managers.revisions.list | v1alpha | chronicle.soar.integration.manager_revisions.list_integration_manager_revisions(api_version=APIVersion.V1ALPHA) | secops integration manager-revisions list |
| integrations.managers.revisions.rollback | v1alpha | chronicle.soar.integration.manager_revisions.rollback_integration_manager_revision(api_version=APIVersion.V1ALPHA) | secops integration manager-revisions rollback |
| integrations.jobs.revisions.create | v1alpha | chronicle.soar.integration.job_revisions.create_integration_job_revision(api_version=APIVersion.V1ALPHA) | secops integration job-revisions create |
| integrations.jobs.revisions.delete | v1alpha | chronicle.soar.integration.job_revisions.delete_integration_job_revision(api_version=APIVersion.V1ALPHA) | secops integration job-revisions delete |
| integrations.jobs.revisions.list | v1alpha | chronicle.soar.integration.job_revisions.list_integration_job_revisions(api_version=APIVersion.V1ALPHA) | secops integration job-revisions list |
| integrations.jobs.revisions.rollback | v1alpha | chronicle.soar.integration.job_revisions.rollback_integration_job_revision(api_version=APIVersion.V1ALPHA) | secops integration job-revisions rollback |
| integrations.jobs.jobInstances.create | v1alpha | chronicle.soar.integration.job_instances.create_integration_job_instance(api_version=APIVersion.V1ALPHA) | secops integration job-instances create |
| integrations.jobs.jobInstances.delete | v1alpha | chronicle.soar.integration.job_instances.delete_integration_job_instance(api_version=APIVersion.V1ALPHA) | secops integration job-instances delete |
| integrations.jobs.jobInstances.get | v1alpha | chronicle.soar.integration.job_instances.get_integration_job_instance(api_version=APIVersion.V1ALPHA) | secops integration job-instances get |
| integrations.jobs.jobInstances.list | v1alpha | chronicle.soar.integration.job_instances.list_integration_job_instances(api_version=APIVersion.V1ALPHA) | secops integration job-instances list |
| integrations.jobs.jobInstances.patch | v1alpha | chronicle.soar.integration.job_instances.update_integration_job_instance(api_version=APIVersion.V1ALPHA) | secops integration job-instances update |
| integrations.jobs.jobInstances.runOnDemand | v1alpha | chronicle.soar.integration.job_instances.run_integration_job_instance_on_demand(api_version=APIVersion.V1ALPHA) | secops integration job-instances run-on-demand |
| integrations.jobs.contextProperties.clearAll | v1alpha | chronicle.soar.integration.job_context_properties.delete_all_job_context_properties(api_version=APIVersion.V1ALPHA) | secops integration job-context-properties delete-all |
| integrations.jobs.contextProperties.create | v1alpha | chronicle.soar.integration.job_context_properties.create_job_context_property(api_version=APIVersion.V1ALPHA) | secops integration job-context-properties create |
| integrations.jobs.contextProperties.delete | v1alpha | chronicle.soar.integration.job_context_properties.delete_job_context_property(api_version=APIVersion.V1ALPHA) | secops integration job-context-properties delete |
| integrations.jobs.contextProperties.get | v1alpha | chronicle.soar.integration.job_context_properties.get_job_context_property(api_version=APIVersion.V1ALPHA) | secops integration job-context-properties get |
| integrations.jobs.contextProperties.list | v1alpha | chronicle.soar.integration.job_context_properties.list_job_context_properties(api_version=APIVersion.V1ALPHA) | secops integration job-context-properties list |
| integrations.jobs.contextProperties.patch | v1alpha | chronicle.soar.integration.job_context_properties.update_job_context_property(api_version=APIVersion.V1ALPHA) | secops integration job-context-properties update |
| integrations.jobs.jobInstances.logs.get | v1alpha | chronicle.soar.integration.job_instance_logs.get_job_instance_log(api_version=APIVersion.V1ALPHA) | secops integration job-instance-logs get |
| integrations.jobs.jobInstances.logs.list | v1alpha | chronicle.soar.integration.job_instance_logs.list_job_instance_logs(api_version=APIVersion.V1ALPHA) | secops integration job-instance-logs list |
| investigations.fetchAssociated | v1alpha | chronicle.investigations.fetch_associated_investigations | secops investigation fetch-associated |
| investigations.get | v1alpha | chronicle.investigations.get_investigation | secops investigation get |
| investigations.list | v1alpha | chronicle.investigations.list_investigations | secops investigation list |
| investigations.trigger | v1alpha | chronicle.investigations.trigger_investigation | secops investigation trigger |
| iocs.batchGet | v1alpha | ||
| iocs.findFirstAndLastSeen | v1alpha | ||
| iocs.get | v1alpha | ||
| iocs.getIocState | v1alpha | ||
| iocs.searchCuratedDetectionsForIoc | v1alpha | ||
| iocs.updateIocState | v1alpha | ||
| legacy.legacyBatchGetCases | v1alpha | chronicle.case.get_cases_from_list | secops case |
| legacy.legacyBatchGetCollections | v1alpha | ||
| legacy.legacyCreateOrUpdateCase | v1alpha | ||
| legacy.legacyCreateSoarAlert | v1alpha | ||
| legacy.legacyFetchAlertsView | v1alpha | chronicle.alert.get_alerts | secops alert |
| legacy.legacyFetchUdmSearchCsv | v1alpha | chronicle.udm_search.fetch_udm_search_csv | secops search --csv |
| legacy.legacyFetchUdmSearchView | v1alpha | chronicle.udm_search.fetch_udm_search_view | secops udm-search-view |
| legacy.legacyFindAssetEvents | v1alpha | ||
| legacy.legacyFindRawLogs | v1alpha | ||
| legacy.legacyFindUdmEvents | v1alpha | ||
| legacy.legacyGetAlert | v1alpha | chronicle.rule_alert.get_alert | |
| legacy.legacyGetCuratedRulesTrends | v1alpha | ||
| legacy.legacyGetDetection | v1alpha | ||
| legacy.legacyGetEventForDetection | v1alpha | ||
| legacy.legacyGetRuleCounts | v1alpha | ||
| legacy.legacyGetRulesTrends | v1alpha | ||
| legacy.legacyListCases | v1alpha | chronicle.case.get_cases | secops case --ids |
| legacy.legacyRunTestRule | v1alpha | chronicle.rule.run_rule_test | secops rule validate |
| legacy.legacySearchArtifactEvents | v1alpha | ||
| legacy.legacySearchArtifactIoCDetails | v1alpha | ||
| legacy.legacySearchAssetEvents | v1alpha | ||
| legacy.legacySearchCuratedDetections | v1alpha | ||
| legacy.legacySearchCustomerStats | v1alpha | ||
| legacy.legacySearchDetections | v1alpha | chronicle.rule_detection.list_detections | |
| legacy.legacySearchDomainsRecentlyRegistered | v1alpha | ||
| legacy.legacySearchDomainsTimingStats | v1alpha | ||
| legacy.legacySearchEnterpriseWideAlerts | v1alpha | ||
| legacy.legacySearchEnterpriseWideIoCs | v1alpha | chronicle.ioc.list_iocs | secops iocs |
| legacy.legacySearchFindings | v1alpha | ||
| legacy.legacySearchIngestionStats | v1alpha | ||
| legacy.legacySearchIoCInsights | v1alpha | ||
| legacy.legacySearchRawLogs | v1alpha | ||
| legacy.legacySearchRuleDetectionCountBuckets | v1alpha | ||
| legacy.legacySearchRuleDetectionEvents | v1alpha | ||
| legacy.legacySearchRuleResults | v1alpha | ||
| legacy.legacySearchRulesAlerts | v1alpha | chronicle.rule_alert.search_rule_alerts | |
| legacy.legacySearchUserEvents | v1alpha | ||
| legacy.legacyStreamDetectionAlerts | v1alpha | ||
| legacy.legacyTestRuleStreaming | v1alpha | ||
| legacy.legacyUpdateAlert | v1alpha | chronicle.rule_alert.update_alert | |
| listAllFindingsRefinementDeployments | v1alpha | ||
| logProcessingPipelines.associateStreams | v1alpha | chronicle.log_processing_pipelines.associate_streams | secops log-processing associate-streams |
| logProcessingPipelines.create | v1alpha | chronicle.log_processing_pipelines.create_log_processing_pipeline | secops log-processing create |
| logProcessingPipelines.delete | v1alpha | chronicle.log_processing_pipelines.delete_log_processing_pipeline | secops log-processing delete |
| logProcessingPipelines.dissociateStreams | v1alpha | chronicle.log_processing_pipelines.dissociate_streams | secops log-processing dissociate-streams |
| logProcessingPipelines.fetchAssociatedPipeline | v1alpha | chronicle.log_processing_pipelines.fetch_associated_pipeline | secops log-processing fetch-associated |
| logProcessingPipelines.fetchSampleLogsByStreams | v1alpha | chronicle.log_processing_pipelines.fetch_sample_logs_by_streams | secops log-processing fetch-sample-logs |
| logProcessingPipelines.get | v1alpha | chronicle.log_processing_pipelines.get_log_processing_pipeline | secops log-processing get |
| logProcessingPipelines.list | v1alpha | chronicle.log_processing_pipelines.list_log_processing_pipelines | secops log-processing list |
| logProcessingPipelines.patch | v1alpha | chronicle.log_processing_pipelines.update_log_processing_pipeline | secops log-processing update |
| logProcessingPipelines.testPipeline | v1alpha | chronicle.log_processing_pipelines.test_pipeline | secops log-processing test |
| logTypes.create | v1alpha | ||
| logTypes.generateEventTypesSuggestions | v1alpha | ||
| logTypes.get | v1alpha | ||
| logTypes.getLogTypeSetting | v1alpha | ||
| logTypes.legacySubmitParserExtension | v1alpha | ||
| logTypes.list | v1alpha | ||
| logTypes.logs.export | v1alpha | ||
| logTypes.logs.get | v1alpha | ||
| logTypes.logs.import | v1alpha | chronicle.log_ingest.ingest_log | secops log ingest |
| logTypes.logs.list | v1alpha | ||
| logTypes.parserExtensions.activate | v1alpha | chronicle.parser_extension.activate_parser_extension | secops parser-extension activate |
| logTypes.parserExtensions.create | v1alpha | chronicle.parser_extension.create_parser_extension | secops parser-extension create |
| logTypes.parserExtensions.delete | v1alpha | chronicle.parser_extension.delete_parser_extension | secops parser-extension delete |
| logTypes.parserExtensions.extensionValidationReports.get | v1alpha | ||
| logTypes.parserExtensions.extensionValidationReports.list | v1alpha | ||
| logTypes.parserExtensions.extensionValidationReports.validationErrors.list | v1alpha | ||
| logTypes.parserExtensions.get | v1alpha | chronicle.parser_extension.get_parser_extension | secops parser-extension get |
| logTypes.parserExtensions.list | v1alpha | chronicle.parser_extension.list_parser_extensions | secops parser-extension list |
| logTypes.parserExtensions.validationReports.get | v1alpha | ||
| logTypes.parserExtensions.validationReports.parsingErrors.list | v1alpha | ||
| logTypes.parsers.activate | v1alpha | chronicle.parser.activate_parser | secops parser activate |
| logTypes.parsers.activateReleaseCandidateParser | v1alpha | chronicle.parser.activate_release_candidate | secops parser activate-rc |
| logTypes.parsers.copy | v1alpha | chronicle.parser.copy_parser | secops parser copy |
| logTypes.parsers.create | v1alpha | chronicle.parser.create_parser | secops parser create |
| logTypes.parsers.deactivate | v1alpha | chronicle.parser.deactivate_parser | secops parser deactivate |
| logTypes.parsers.delete | v1alpha | chronicle.parser.delete_parser | secops parser delete |
| logTypes.parsers.get | v1alpha | chronicle.parser.get_parser | secops parser get |
| logTypes.parsers.list | v1alpha | chronicle.parser.list_parsers | secops parser list |
| logTypes.parsers.validationReports.get | v1alpha | ||
| logTypes.parsers.validationReports.parsingErrors.list | v1alpha | ||
| logTypes.patch | v1alpha | ||
| logTypes.runParser | v1alpha | chronicle.parser.run_parser | secops parser run |
| logTypes.updateLogTypeSetting | v1alpha | ||
| logs.classify | v1alpha | chronicle.log_types.classify_logs | secops log classify |
| marketplaceIntegrations.get | v1alpha | chronicle.marketplace_integrations.get_marketplace_integration(api_version=APIVersion.V1ALPHA) | secops integration marketplace get |
| marketplaceIntegrations.getDiff | v1alpha | chronicle.marketplace_integrations.get_marketplace_integration_diff(api_version=APIVersion.V1ALPHA) | secops integration marketplace diff |
| marketplaceIntegrations.install | v1alpha | chronicle.marketplace_integrations.install_marketplace_integration(api_version=APIVersion.V1ALPHA) | secops integration marketplace install |
| marketplaceIntegrations.list | v1alpha | chronicle.marketplace_integrations.list_marketplace_integrations(api_version=APIVersion.V1ALPHA) | secops integration marketplace list |
| marketplaceIntegrations.uninstall | v1alpha | chronicle.marketplace_integrations.uninstall_marketplace_integration(api_version=APIVersion.V1ALPHA) | secops integration marketplace uninstall |
| nativeDashboards.addChart | v1alpha | chronicle.dashboard.add_chart | secops dashboard add-chart |
| nativeDashboards.create | v1alpha | chronicle.dashboard.create_dashboard | secops dashboard create |
| nativeDashboards.delete | v1alpha | chronicle.dashboard.delete_dashboard | secops dashboard delete |
| nativeDashboards.duplicate | v1alpha | chronicle.dashboard.duplicate_dashboard | secops dashboard duplicate |
| nativeDashboards.duplicateChart | v1alpha | ||
| nativeDashboards.editChart | v1alpha | chronicle.dashboard.edit_chart | secops dashboard edit-chart |
| nativeDashboards.export | v1alpha | chronicle.dashboard.export_dashboard | secops dashboard export |
| nativeDashboards.get | v1alpha | chronicle.dashboard.get_dashboard | secops dashboard get |
| nativeDashboards.import | v1alpha | chronicle.dashboard.import_dashboard | secops dashboard import |
| nativeDashboards.list | v1alpha | chronicle.dashboard.list_dashboards | secops dashboard list |
| nativeDashboards.patch | v1alpha | chronicle.dashboard.update_dashboard | secops dashboard update |
| nativeDashboards.removeChart | v1alpha | chronicle.dashboard.remove_chart | secops dashboard remove-chart |
| operations.cancel | v1alpha | ||
| operations.delete | v1alpha | ||
| operations.get | v1alpha | ||
| operations.list | v1alpha | ||
| operations.streamSearch | v1alpha | ||
| queryProductSourceStats | v1alpha | ||
| referenceLists.create | v1alpha | ||
| referenceLists.get | v1alpha | ||
| referenceLists.list | v1alpha | ||
| referenceLists.patch | v1alpha | ||
| report | v1alpha | ||
| ruleExecutionErrors.list | v1alpha | chronicle.rule_detection.list_errors | |
| rules.create | v1alpha | ||
| rules.delete | v1alpha | ||
| rules.deployments.list | v1alpha | ||
| rules.get | v1alpha | ||
| rules.getDeployment | v1alpha | ||
| rules.list | v1alpha | ||
| rules.listRevisions | v1alpha | ||
| rules.patch | v1alpha | ||
| rules.retrohunts.create | v1alpha | ||
| rules.retrohunts.get | v1alpha | ||
| rules.retrohunts.list | v1alpha | ||
| rules.updateDeployment | v1alpha | ||
| searchEntities | v1alpha | ||
| searchRawLogs | v1alpha | ||
| summarizeEntitiesFromQuery | v1alpha | chronicle.entity.summarize_entity | secops entity |
| summarizeEntity | v1alpha | chronicle.entity.summarize_entity | |
| testFindingsRefinement | v1alpha | ||
| translateUdmQuery | v1alpha | chronicle.nl_search.translate_nl_to_udm | |
| translateYlRule | v1alpha | ||
| udmSearch | v1alpha | chronicle.search.search_udm | secops search |
| undelete | v1alpha | ||
| updateBigQueryExport | v1alpha | ||
| updateRiskConfig | v1alpha | ||
| users.clearConversationHistory | v1alpha | ||
| users.conversations.create | v1alpha | chronicle.gemini.create_conversation | |
| users.conversations.delete | v1alpha | ||
| users.conversations.get | v1alpha | ||
| users.conversations.list | v1alpha | ||
| users.conversations.messages.create | v1alpha | chronicle.gemini.query_gemini | secops gemini |
| users.conversations.messages.delete | v1alpha | ||
| users.conversations.messages.get | v1alpha | ||
| users.conversations.messages.list | v1alpha | ||
| users.conversations.messages.patch | v1alpha | ||
| users.conversations.patch | v1alpha | ||
| users.getPreferenceSet | v1alpha | chronicle.gemini.opt_in_to_gemini | secops gemini --opt-in |
| users.searchQueries.create | v1alpha | ||
| users.searchQueries.delete | v1alpha | ||
| users.searchQueries.get | v1alpha | ||
| users.searchQueries.list | v1alpha | ||
| users.searchQueries.patch | v1alpha | ||
| users.updatePreferenceSet | v1alpha | ||
| validateQuery | v1alpha | chronicle.validate.validate_query | |
| verifyReferenceList | v1alpha | ||
| verifyRuleText | v1alpha | chronicle.rule_validation.validate_rule | secops rule validate |
| watchlists.create | v1alpha | ||
| watchlists.delete | v1alpha | ||
| watchlists.entities.add | v1alpha | ||
| watchlists.entities.batchAdd | v1alpha | ||
| watchlists.entities.batchRemove | v1alpha | ||
| watchlists.entities.remove | v1alpha | ||
| watchlists.get | v1alpha | ||
| watchlists.list | v1alpha | ||
| watchlists.listEntities | v1alpha | ||
| watchlists.patch | v1alpha | ||
| REST Resource | Version | secops-wrapper module | CLI Command |
| -------------------------------------------------------------------------------- | --------- | ------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------ |
| dataAccessLabels.create | v1 | ||
| dataAccessLabels.delete | v1 | ||
| dataAccessLabels.get | v1 | ||
| dataAccessLabels.list | v1 | ||
| dataAccessLabels.patch | v1 | ||
| dataAccessScopes.create | v1 | ||
| dataAccessScopes.delete | v1 | ||
| dataAccessScopes.get | v1 | ||
| dataAccessScopes.list | v1 | ||
| dataAccessScopes.patch | v1 | ||
| get | v1 | ||
| operations.cancel | v1 | ||
| operations.delete | v1 | ||
| operations.get | v1 | ||
| operations.list | v1 | ||
| referenceLists.create | v1 | chronicle.reference_list.create_reference_list | secops reference-list create |
| referenceLists.get | v1 | chronicle.reference_list.get_reference_list | secops reference-list get |
| referenceLists.list | v1 | chronicle.reference_list.list_reference_lists | secops reference-list list |
| referenceLists.patch | v1 | chronicle.reference_list.update_reference_list | secops reference-list update |
| rules.create | v1 | chronicle.rule.create_rule | secops rule create |
| rules.delete | v1 | chronicle.rule.delete_rule | secops rule delete |
| rules.deployments.list | v1 | ||
| rules.get | v1 | chronicle.rule.get_rule | secops rule get |
| rules.getDeployment | v1 | ||
| rules.list | v1 | chronicle.rule.list_rules | secops rule list |
| rules.listRevisions | v1 | ||
| rules.patch | v1 | chronicle.rule.update_rule | secops rule update |
| rules.retrohunts.create | v1 | chronicle.rule_retrohunt.create_retrohunt | secops rule-retrohunt create |
| rules.retrohunts.get | v1 | chronicle.rule_retrohunt.get_retrohunt | secops rule-retrohunt get |
| rules.retrohunts.list | v1 | chronicle.rule_retrohunt.list_retrohunts | secops rule-retrohunt list |
| rules.updateDeployment | v1 | chronicle.rule.enable_rule | secops rule enable |
| watchlists.create | v1 | chronicle.watchlist.create_watchlist | secops watchlist create |
| watchlists.delete | v1 | chronicle.watchlist.delete_watchlist | secops watchlist delete |
| watchlists.get | v1 | chronicle.watchlist.get_watchlist | secops watchlist get |
| watchlists.list | v1 | chronicle.watchlist.list_watchlists | secops watchlist list |
| watchlists.patch | v1 | chronicle.watchlist.update_watchlist | secops watchlist update |
| dataAccessLabels.create | v1beta | ||
| dataAccessLabels.delete | v1beta | ||
| dataAccessLabels.get | v1beta | ||
| dataAccessLabels.list | v1beta | ||
| dataAccessLabels.patch | v1beta | ||
| dataAccessScopes.create | v1beta | ||
| dataAccessScopes.delete | v1beta | ||
| dataAccessScopes.get | v1beta | ||
| dataAccessScopes.list | v1beta | ||
| dataAccessScopes.patch | v1beta | ||
| get | v1beta | ||
| operations.cancel | v1beta | ||
| operations.delete | v1beta | ||
| operations.get | v1beta | ||
| operations.list | v1beta | ||
| referenceLists.create | v1beta | ||
| referenceLists.get | v1beta | ||
| referenceLists.list | v1beta | ||
| referenceLists.patch | v1beta | ||
| rules.create | v1beta | ||
| rules.delete | v1beta | ||
| rules.deployments.list | v1beta | ||
| rules.get | v1beta | ||
| rules.getDeployment | v1beta | ||
| rules.list | v1beta | ||
| rules.listRevisions | v1beta | ||
| rules.patch | v1beta | ||
| rules.retrohunts.create | v1beta | ||
| rules.retrohunts.get | v1beta | ||
| rules.retrohunts.list | v1beta | ||
| rules.updateDeployment | v1beta | ||
| watchlists.create | v1beta | ||
| watchlists.delete | v1beta | ||
| watchlists.get | v1beta | ||
| watchlists.list | v1beta | ||
| watchlists.patch | v1beta | ||
| cases.executeBulkAddTag | v1beta | chronicle.case.execute_bulk_add_tag | secops case bulk-add-tag |
| cases.executeBulkAssign | v1beta | chronicle.case.execute_bulk_assign | secops case bulk-assign |
| cases.executeBulkChangePriority | v1beta | chronicle.case.execute_bulk_change_priority | secops case bulk-change-priority |
| cases.executeBulkChangeStage | v1beta | chronicle.case.execute_bulk_change_stage | secops case bulk-change-stage |
| cases.executeBulkClose | v1beta | chronicle.case.execute_bulk_close | secops case bulk-close |
| cases.executeBulkReopen | v1beta | chronicle.case.execute_bulk_reopen | secops case bulk-reopen |
| cases.get | v1beta | chronicle.case.get_case | secops case get |
| cases.list | v1beta | chronicle.case.list_cases | secops case list |
| cases.merge | v1beta | chronicle.case.merge_cases | secops case merge |
| cases.patch | v1beta | chronicle.case.patch_case | secops case update |
| analytics.entities.analyticValues.list | v1alpha | ||
| analytics.list | v1alpha | ||
| batchValidateWatchlistEntities | v1alpha | ||
| bigQueryAccess.provide | v1alpha | ||
| bigQueryExport.provision | v1alpha | ||
| cases.countPriorities | v1alpha | ||
| contentHub.featuredContentRules.list | v1alpha | chronicle.featured_content_rules.list_featured_content_rules | secops featured-content-rules list |
| curatedRuleSetCategories.curatedRuleSets.curatedRuleSetDeployments.batchUpdate | v1alpha | chronicle.rule_set.batch_update_curated_rule_set_deployments | |
| curatedRuleSetCategories.curatedRuleSets.curatedRuleSetDeployments.patch | v1alpha | chronicle.rule_set.update_curated_rule_set_deployment | secops curated-rule rule-set-deployment update |
| curatedRuleSetCategories.curatedRuleSets.curatedRuleSetDeployments.list | v1alpha | chronicle.rule_set.list_curated_rule_set_deployments | secops curated-rule rule-set-deployment list |
| curatedRuleSetCategories.curatedRuleSets.curatedRuleSetDeployments.get | v1alpha | chronicle.rule_set.get_curated_rule_set_deployment chronicle.rule_set.get_curated_rule_set_deployment_by_name |
secops curated-rule rule-set-deployment get |
| curatedRuleSetCategories.curatedRuleSets.get | v1alpha | chronicle.rule_set.get_curated_rule_set | secops curated-rule rule-set get |
| curatedRuleSetCategories.curatedRuleSets.list | v1alpha | chronicle.rule_set.list_curated_rule_sets | secops curated-rule rule-set list |
| curatedRuleSetCategories.get | v1alpha | chronicle.rule_set.get_curated_rule_set_category | secops curated-rule rule-set-category get |
| curatedRuleSetCategories.list | v1alpha | chronicle.rule_set.list_curated_rule_set_categories | secops curated-rule rule-set-category list |
| curatedRules.get | v1alpha | chronicle.rule_set.get_curated_rule chronicle.rule_set.get_curated_rule_by_name |
secops curated-rule rule get |
| curatedRules.list | v1alpha | chronicle.rule_set.list_curated_rules | secops curated-rule rule list |
| dashboardCharts.batchGet | v1alpha | ||
| dashboardCharts.get | v1alpha | chronicle.dashboard.get_chart | secops dashboard get-chart |
| dashboardQueries.execute | v1alpha | chronicle.dashboard_query.execute_query | secops dashboard-query execute |
| dashboardQueries.get | v1alpha | chronicle.dashboard_query.get_execute_query | secops dashboard-query get |
| dashboards.copy | v1alpha | ||
| dashboards.create | v1alpha | ||
| dashboards.delete | v1alpha | ||
| dashboards.get | v1alpha | ||
| dashboards.list | v1alpha | ||
| dataAccessLabels.create | v1alpha | ||
| dataAccessLabels.delete | v1alpha | ||
| dataAccessLabels.get | v1alpha | ||
| dataAccessLabels.list | v1alpha | ||
| dataAccessLabels.patch | v1alpha | ||
| dataAccessScopes.create | v1alpha | ||
| dataAccessScopes.delete | v1alpha | ||
| dataAccessScopes.get | v1alpha | ||
| dataAccessScopes.list | v1alpha | ||
| dataAccessScopes.patch | v1alpha | ||
| dataExports.cancel | v1alpha | chronicle.data_export.cancel_data_export | secops export cancel |
| dataExports.create | v1alpha | chronicle.data_export.create_data_export | secops export create |
| dataExports.fetchavailablelogtypes | v1alpha | chronicle.data_export.fetch_available_log_types | secops export log-types |
| dataExports.get | v1alpha | chronicle.data_export.get_data_export | secops export status |
| dataExports.list | v1alpha | chronicle.data_export.list_data_export | secops export list |
| dataExports.patch | v1alpha | chronicle.data_export.update_data_export | secops export update |
| dataTableOperationErrors.get | v1alpha | ||
| dataTables.create | v1alpha | chronicle.data_table.create_data_table | secops data-table create |
| dataTables.dataTableRows.bulkCreate | v1alpha | chronicle.data_table.create_data_table_rows | secops data-table add-rows |
| dataTables.dataTableRows.bulkCreateAsync | v1alpha | ||
| dataTables.dataTableRows.bulkGet | v1alpha | ||
| dataTables.dataTableRows.bulkReplace | v1alpha | chronicle.data_table.replace_data_table_rows | secops data-table replace-rows |
| dataTables.dataTableRows.bulkReplaceAsync | v1alpha | ||
| dataTables.dataTableRows.bulkUpdate | v1alpha | chronicle.data_table.update_data_table_rows | secops data-table update-rows |
| dataTables.dataTableRows.bulkUpdateAsync | v1alpha | ||
| dataTables.dataTableRows.create | v1alpha | ||
| dataTables.dataTableRows.delete | v1alpha | chronicle.data_table.delete_data_table_rows | secops data-table delete-rows |
| dataTables.dataTableRows.get | v1alpha | ||
| dataTables.dataTableRows.list | v1alpha | chronicle.data_table.list_data_table_rows | secops data-table list-rows |
| dataTables.dataTableRows.patch | v1alpha | ||
| dataTables.delete | v1alpha | chronicle.data_table.delete_data_table | secops data-table delete |
| dataTables.get | v1alpha | chronicle.data_table.get_data_table | secops data-table get |
| dataTables.list | v1alpha | chronicle.data_table.list_data_tables | secops data-table list |
| dataTables.patch | v1alpha | ||
| dataTables.upload | v1alpha | ||
| dataTaps.create | v1alpha | ||
| dataTaps.delete | v1alpha | ||
| dataTaps.get | v1alpha | ||
| dataTaps.list | v1alpha | ||
| dataTaps.patch | v1alpha | ||
| delete | v1alpha | ||
| enrichmentControls.create | v1alpha | ||
| enrichmentControls.delete | v1alpha | ||
| enrichmentControls.get | v1alpha | ||
| enrichmentControls.list | v1alpha | ||
| entities.get | v1alpha | ||
| entities.import | v1alpha | chronicle.log_ingest.import_entities | secops entity import |
| entities.modifyEntityRiskScore | v1alpha | ||
| entities.queryEntityRiskScoreModifications | v1alpha | ||
| entityRiskScores.query | v1alpha | ||
| errorNotificationConfigs.create | v1alpha | ||
| errorNotificationConfigs.delete | v1alpha | ||
| errorNotificationConfigs.get | v1alpha | ||
| errorNotificationConfigs.list | v1alpha | ||
| errorNotificationConfigs.patch | v1alpha | ||
| events.batchGet | v1alpha | ||
| events.get | v1alpha | ||
| events.import | v1alpha | chronicle.log_ingest.ingest_udm | secops log ingest-udm |
| extractSyslog | v1alpha | ||
| federationGroups.create | v1alpha | ||
| federationGroups.delete | v1alpha | ||
| federationGroups.get | v1alpha | ||
| federationGroups.list | v1alpha | ||
| federationGroups.patch | v1alpha | ||
| feedPacks.get | v1alpha | ||
| feedPacks.list | v1alpha | ||
| feedServiceAccounts.fetchServiceAccountForCustomer | v1alpha | ||
| feedSourceTypeSchemas.list | v1alpha | ||
| feedSourceTypeSchemas.logTypeSchemas.list | v1alpha | ||
| feeds.create | v1alpha | chronicle.feeds.create_feed | secops feed create |
| feeds.delete | v1alpha | chronicle.feeds.delete_feed | secops feed delete |
| feeds.disable | v1alpha | chronicle.feeds.disable_feed | secops feed disable |
| feeds.enable | v1alpha | chronicle.feeds.enable_feed | secops feed enable |
| feeds.generateSecret | v1alpha | chronicle.feeds.generate_secret | secops feed secret |
| feeds.get | v1alpha | chronicle.feeds.get_feed | secops feed get |
| feeds.importPushLogs | v1alpha | ||
| feeds.list | v1alpha | chronicle.feeds.list_feeds | secops feed list |
| feeds.patch | v1alpha | chronicle.feeds.update_feed | secops feed update |
| feeds.scheduleTransfer | v1alpha | ||
| fetchFederationAccess | v1alpha | ||
| findEntity | v1alpha | ||
| findEntityAlerts | v1alpha | ||
| findRelatedEntities | v1alpha | ||
| findUdmFieldValues | v1alpha | ||
| findingsGraph.exploreNode | v1alpha | ||
| findingsGraph.initializeGraph | v1alpha | ||
| findingsRefinements.computeFindingsRefinementActivity | v1alpha | chronicle.rule_exclusion.compute_rule_exclusion_activity | secops rule-exclusion compute-activity |
| findingsRefinements.create | v1alpha | chronicle.rule_exclusion.create_rule_exclusion | secops rule-exclusion create |
| findingsRefinements.get | v1alpha | chronicle.rule_exclusion.get_rule_exclusion | secops rule-exclusion get |
| findingsRefinements.getDeployment | v1alpha | chronicle.rule_exclusion.get_rule_exclusion_deployment | secops rule-exclusion get-deployment |
| findingsRefinements.list | v1alpha | chronicle.rule_exclusion.list_rule_exclusions | secops rule-exclusion list |
| findingsRefinements.patch | v1alpha | chronicle.rule_exclusion.patch_rule_exclusion | secops rule-exclusion update |
| findingsRefinements.updateDeployment | v1alpha | chronicle.rule_exclusion.update_rule_exclusion_deployment | secops rule-exclusion update-deployment |
| forwarders.collectors.create | v1alpha | ||
| forwarders.collectors.delete | v1alpha | ||
| forwarders.collectors.get | v1alpha | ||
| forwarders.collectors.list | v1alpha | ||
| forwarders.collectors.patch | v1alpha | ||
| forwarders.create | v1alpha | chronicle.log_ingest.create_forwarder | secops forwarder create |
| forwarders.delete | v1alpha | chronicle.log_ingest.delete_forwarder | secops forwarder delete |
| forwarders.generateForwarderFiles | v1alpha | ||
| forwarders.get | v1alpha | chronicle.log_ingest.get_forwarder | secops forwarder get |
| forwarders.importStatsEvents | v1alpha | ||
| forwarders.list | v1alpha | chronicle.log_ingest.list_forwarder | secops forwarder list |
| forwarders.patch | v1alpha | chronicle.log_ingest.update_forwarder | secops forwarder update |
| generateCollectionAgentAuth | v1alpha | ||
| generateSoarAuthJwt | v1alpha | ||
| generateUdmKeyValueMappings | v1alpha | ||
| generateWorkspaceConnectionToken | v1alpha | ||
| get | v1alpha | ||
| getBigQueryExport | v1alpha | ||
| getMultitenantDirectory | v1alpha | ||
| getRiskConfig | v1alpha | ||
| ingestionLogLabels.get | v1alpha | ||
| ingestionLogLabels.list | v1alpha | ||
| ingestionLogNamespaces.get | v1alpha | ||
| ingestionLogNamespaces.list | v1alpha | ||
| investigations.fetchAssociated | v1alpha | chronicle.investigations.fetch_associated_investigations | secops investigation fetch-associated |
| investigations.get | v1alpha | chronicle.investigations.get_investigation | secops investigation get |
| investigations.list | v1alpha | chronicle.investigations.list_investigations | secops investigation list |
| investigations.trigger | v1alpha | chronicle.investigations.trigger_investigation | secops investigation trigger |
| iocs.batchGet | v1alpha | ||
| iocs.findFirstAndLastSeen | v1alpha | ||
| iocs.get | v1alpha | ||
| iocs.getIocState | v1alpha | ||
| iocs.searchCuratedDetectionsForIoc | v1alpha | ||
| iocs.updateIocState | v1alpha | ||
| legacy.legacyBatchGetCases | v1alpha | chronicle.case.get_cases_from_list | secops case |
| legacy.legacyBatchGetCollections | v1alpha | ||
| legacy.legacyCreateOrUpdateCase | v1alpha | ||
| legacy.legacyCreateSoarAlert | v1alpha | ||
| legacy.legacyFetchAlertsView | v1alpha | chronicle.alert.get_alerts | secops alert |
| legacy.legacyFetchUdmSearchCsv | v1alpha | chronicle.udm_search.fetch_udm_search_csv | secops search --csv |
| legacy.legacyFetchUdmSearchView | v1alpha | chronicle.udm_search.fetch_udm_search_view | secops udm-search-view |
| legacy.legacyFindAssetEvents | v1alpha | ||
| legacy.legacyFindRawLogs | v1alpha | ||
| legacy.legacyFindUdmEvents | v1alpha | ||
| legacy.legacyGetAlert | v1alpha | chronicle.rule_alert.get_alert | |
| legacy.legacyGetCuratedRulesTrends | v1alpha | ||
| legacy.legacyGetDetection | v1alpha | ||
| legacy.legacyGetEventForDetection | v1alpha | ||
| legacy.legacyGetRuleCounts | v1alpha | ||
| legacy.legacyGetRulesTrends | v1alpha | ||
| legacy.legacyListCases | v1alpha | chronicle.case.get_cases | secops case --ids |
| legacy.legacyRunTestRule | v1alpha | chronicle.rule.run_rule_test | secops rule validate |
| legacy.legacySearchArtifactEvents | v1alpha | ||
| legacy.legacySearchArtifactIoCDetails | v1alpha | ||
| legacy.legacySearchAssetEvents | v1alpha | ||
| legacy.legacySearchCuratedDetections | v1alpha | ||
| legacy.legacySearchCustomerStats | v1alpha | ||
| legacy.legacySearchDetections | v1alpha | chronicle.rule_detection.list_detections | |
| legacy.legacySearchDomainsRecentlyRegistered | v1alpha | ||
| legacy.legacySearchDomainsTimingStats | v1alpha | ||
| legacy.legacySearchEnterpriseWideAlerts | v1alpha | ||
| legacy.legacySearchEnterpriseWideIoCs | v1alpha | chronicle.ioc.list_iocs | secops iocs |
| legacy.legacySearchFindings | v1alpha | ||
| legacy.legacySearchIngestionStats | v1alpha | ||
| legacy.legacySearchIoCInsights | v1alpha | ||
| legacy.legacySearchRawLogs | v1alpha | ||
| legacy.legacySearchRuleDetectionCountBuckets | v1alpha | ||
| legacy.legacySearchRuleDetectionEvents | v1alpha | ||
| legacy.legacySearchRuleResults | v1alpha | ||
| legacy.legacySearchRulesAlerts | v1alpha | chronicle.rule_alert.search_rule_alerts | |
| legacy.legacySearchUserEvents | v1alpha | ||
| legacy.legacyStreamDetectionAlerts | v1alpha | ||
| legacy.legacyTestRuleStreaming | v1alpha | ||
| legacy.legacyUpdateAlert | v1alpha | chronicle.rule_alert.update_alert | |
| listAllFindingsRefinementDeployments | v1alpha | ||
| logTypes.create | v1alpha | ||
| logTypes.generateEventTypesSuggestions | v1alpha | ||
| logTypes.get | v1alpha | ||
| logTypes.getLogTypeSetting | v1alpha | ||
| logTypes.legacySubmitParserExtension | v1alpha | ||
| logTypes.list | v1alpha | ||
| logTypes.logs.export | v1alpha | ||
| logTypes.logs.get | v1alpha | ||
| logTypes.logs.import | v1alpha | chronicle.log_ingest.ingest_log | secops log ingest |
| logTypes.logs.list | v1alpha | ||
| logTypes.parserExtensions.activate | v1alpha | chronicle.parser_extension.activate_parser_extension | secops parser-extension activate |
| logTypes.parserExtensions.create | v1alpha | chronicle.parser_extension.create_parser_extension | secops parser-extension create |
| logTypes.parserExtensions.delete | v1alpha | chronicle.parser_extension.delete_parser_extension | secops parser-extension delete |
| logTypes.parserExtensions.extensionValidationReports.get | v1alpha | ||
| logTypes.parserExtensions.extensionValidationReports.list | v1alpha | ||
| logTypes.parserExtensions.extensionValidationReports.validationErrors.list | v1alpha | ||
| logTypes.parserExtensions.get | v1alpha | chronicle.parser_extension.get_parser_extension | secops parser-extension get |
| logTypes.parserExtensions.list | v1alpha | chronicle.parser_extension.list_parser_extensions | secops parser-extension list |
| logTypes.parserExtensions.validationReports.get | v1alpha | ||
| logTypes.parserExtensions.validationReports.parsingErrors.list | v1alpha | ||
| logTypes.parsers.activate | v1alpha | chronicle.parser.activate_parser | secops parser activate |
| logTypes.parsers.activateReleaseCandidateParser | v1alpha | chronicle.parser.activate_release_candidate | secops parser activate-rc |
| logTypes.parsers.copy | v1alpha | chronicle.parser.copy_parser | secops parser copy |
| logTypes.parsers.create | v1alpha | chronicle.parser.create_parser | secops parser create |
| logTypes.parsers.deactivate | v1alpha | chronicle.parser.deactivate_parser | secops parser deactivate |
| logTypes.parsers.delete | v1alpha | chronicle.parser.delete_parser | secops parser delete |
| logTypes.parsers.get | v1alpha | chronicle.parser.get_parser | secops parser get |
| logTypes.parsers.list | v1alpha | chronicle.parser.list_parsers | secops parser list |
| logTypes.parsers.validationReports.get | v1alpha | ||
| logTypes.parsers.validationReports.parsingErrors.list | v1alpha | ||
| logTypes.patch | v1alpha | ||
| logTypes.runParser | v1alpha | chronicle.parser.run_parser | secops parser run |
| logTypes.updateLogTypeSetting | v1alpha | ||
| logProcessingPipelines.associateStreams | v1alpha | chronicle.log_processing_pipelines.associate_streams | secops log-processing associate-streams |
| logProcessingPipelines.create | v1alpha | chronicle.log_processing_pipelines.create_log_processing_pipeline | secops log-processing create |
| logProcessingPipelines.delete | v1alpha | chronicle.log_processing_pipelines.delete_log_processing_pipeline | secops log-processing delete |
| logProcessingPipelines.dissociateStreams | v1alpha | chronicle.log_processing_pipelines.dissociate_streams | secops log-processing dissociate-streams |
| logProcessingPipelines.fetchAssociatedPipeline | v1alpha | chronicle.log_processing_pipelines.fetch_associated_pipeline | secops log-processing fetch-associated |
| logProcessingPipelines.fetchSampleLogsByStreams | v1alpha | chronicle.log_processing_pipelines.fetch_sample_logs_by_streams | secops log-processing fetch-sample-logs |
| logProcessingPipelines.get | v1alpha | chronicle.log_processing_pipelines.get_log_processing_pipeline | secops log-processing get |
| logProcessingPipelines.list | v1alpha | chronicle.log_processing_pipelines.list_log_processing_pipelines | secops log-processing list |
| logProcessingPipelines.patch | v1alpha | chronicle.log_processing_pipelines.update_log_processing_pipeline | secops log-processing update |
| logProcessingPipelines.testPipeline | v1alpha | chronicle.log_processing_pipelines.test_pipeline | secops log-processing test |
| logs.classify | v1alpha | chronicle.log_types.classify_logs | secops log classify |
| nativeDashboards.addChart | v1alpha | chronicle.dashboard.add_chart | secops dashboard add-chart |
| nativeDashboards.create | v1alpha | chronicle.dashboard.create_dashboard | secops dashboard create |
| nativeDashboards.delete | v1alpha | chronicle.dashboard.delete_dashboard | secops dashboard delete |
| nativeDashboards.duplicate | v1alpha | chronicle.dashboard.duplicate_dashboard | secops dashboard duplicate |
| nativeDashboards.duplicateChart | v1alpha | ||
| nativeDashboards.editChart | v1alpha | chronicle.dashboard.edit_chart | secops dashboard edit-chart |
| nativeDashboards.export | v1alpha | chronicle.dashboard.export_dashboard | secops dashboard export |
| nativeDashboards.get | v1alpha | chronicle.dashboard.get_dashboard | secops dashboard get |
| nativeDashboards.import | v1alpha | chronicle.dashboard.import_dashboard | secops dashboard import |
| nativeDashboards.list | v1alpha | chronicle.dashboard.list_dashboards | secops dashboard list |
| nativeDashboards.patch | v1alpha | chronicle.dashboard.update_dashboard | secops dashboard update |
| nativeDashboards.removeChart | v1alpha | chronicle.dashboard.remove_chart | secops dashboard remove-chart |
| operations.cancel | v1alpha | ||
| operations.delete | v1alpha | ||
| operations.get | v1alpha | ||
| operations.list | v1alpha | ||
| operations.streamSearch | v1alpha | ||
| queryProductSourceStats | v1alpha | ||
| referenceLists.create | v1alpha | ||
| referenceLists.get | v1alpha | ||
| referenceLists.list | v1alpha | ||
| referenceLists.patch | v1alpha | ||
| report | v1alpha | ||
| ruleExecutionErrors.list | v1alpha | chronicle.rule_detection.list_errors | |
| rules.create | v1alpha | ||
| rules.delete | v1alpha | ||
| rules.deployments.list | v1alpha | ||
| rules.get | v1alpha | ||
| rules.getDeployment | v1alpha | ||
| rules.list | v1alpha | ||
| rules.listRevisions | v1alpha | ||
| rules.patch | v1alpha | ||
| rules.retrohunts.create | v1alpha | ||
| rules.retrohunts.get | v1alpha | ||
| rules.retrohunts.list | v1alpha | ||
| rules.updateDeployment | v1alpha | ||
| searchEntities | v1alpha | ||
| searchRawLogs | v1alpha | chronicle.log_search.search_raw_logs | secops search raw-logs |
| summarizeEntitiesFromQuery | v1alpha | chronicle.entity.summarize_entity | secops entity |
| summarizeEntity | v1alpha | chronicle.entity.summarize_entity | |
| testFindingsRefinement | v1alpha | ||
| translateUdmQuery | v1alpha | chronicle.nl_search.translate_nl_to_udm | |
| translateYlRule | v1alpha | ||
| udmSearch | v1alpha | chronicle.search.search_udm | secops search |
| undelete | v1alpha | ||
| updateBigQueryExport | v1alpha | ||
| updateRiskConfig | v1alpha | ||
| users.clearConversationHistory | v1alpha | ||
| users.conversations.create | v1alpha | chronicle.gemini.create_conversation | |
| users.conversations.delete | v1alpha | ||
| users.conversations.get | v1alpha | ||
| users.conversations.list | v1alpha | ||
| users.conversations.messages.create | v1alpha | chronicle.gemini.query_gemini | secops gemini |
| users.conversations.messages.delete | v1alpha | ||
| users.conversations.messages.get | v1alpha | ||
| users.conversations.messages.list | v1alpha | ||
| users.conversations.messages.patch | v1alpha | ||
| users.conversations.patch | v1alpha | ||
| users.getPreferenceSet | v1alpha | chronicle.gemini.opt_in_to_gemini | secops gemini --opt-in |
| users.searchQueries.create | v1alpha | ||
| users.searchQueries.delete | v1alpha | ||
| users.searchQueries.get | v1alpha | ||
| users.searchQueries.list | v1alpha | ||
| users.searchQueries.patch | v1alpha | ||
| users.updatePreferenceSet | v1alpha | ||
| validateQuery | v1alpha | chronicle.validate.validate_query | |
| verifyReferenceList | v1alpha | ||
| verifyRuleText | v1alpha | chronicle.rule_validation.validate_rule | secops rule validate |
| watchlists.create | v1alpha | ||
| watchlists.delete | v1alpha | ||
| watchlists.entities.add | v1alpha | ||
| watchlists.entities.batchAdd | v1alpha | ||
| watchlists.entities.batchRemove | v1alpha | ||
| watchlists.entities.remove | v1alpha | ||
| watchlists.get | v1alpha | ||
| watchlists.list | v1alpha | ||
| watchlists.listEntities | v1alpha | ||
| watchlists.patch | v1alpha |