Command line tool to interact with Google Security Operations' APIs.
Google Security Operations CLI allows customers to manage various operations that can be performed on Google Security Operations. This script provides a command line tool to interact with Feed, Parser, Forwarder and BigQuery APIs. It will gradually expand to cover other APIs.
Follow these instructions: https://cloud.google.com/python/setup
You may skip installing the Cloud Client Libraries and the Cloud SDK; they are unnecessary for interacting with Google Security Operations.
After creating and activating the virtual environment venv, clone the repository using the following command:
git clone https://github.com/chronicle/cli.git
After cloning, switch directory to cli and install the Python library dependencies by running these commands:
cd cli
pip install -r requirements.txt
It is assumed that you're using Python 3.7 or above.
https://cloud.google.com/python/docs/setup
Go to the root directory and execute the following command:
python3 -m pip install --editable .
Running the samples requires a JSON credentials file. By default, all the samples try to use the file chronicle_credentials.json from inside a hidden directory .chronicle_cli in the user's home directory. If this file is not found, you need to specify it explicitly by adding the following argument to the sample's command-line:
--credential_file <path>
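A credentials file kept at a fixed, well-known path is worth checking before the tool reads it. The following is an added example, not part of the Google Security Operations CLI: it inspects the default location described above for loose permissions, unexpected ownership and unparseable JSON. The function name audit_credential_file and the 0600/0700 targets are assumptions of this example, and POSIX permission semantics are assumed.

```python
import json
import os
import stat
import sys
from pathlib import Path

# Default location stated in this README.
DEFAULT_CREDENTIAL_FILE = Path.home() / ".chronicle_cli" / "chronicle_credentials.json"


def audit_credential_file(path=DEFAULT_CREDENTIAL_FILE):
    """Return a list of findings; an empty list means no issue was detected."""
    path = Path(path)
    findings = []
    try:
        is_link = path.is_symlink()
        info = path.stat()  # follows a symlink; a dangling one counts as missing
    except FileNotFoundError:
        return [f"{path}: not found; pass --credential_file <path> instead"]
    if is_link:
        findings.append(f"{path}: is a symlink; confirm its target is intended")
    if not stat.S_ISREG(info.st_mode):
        return findings + [f"{path}: not a regular file"]
    # Any group/other bit exposes the credentials to other local accounts.
    if info.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"{path}: mode {stat.S_IMODE(info.st_mode):04o} is too open; use 0600")
    # A writable parent directory lets another account swap the file out.
    if path.parent.stat().st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"{path.parent}: group/world-writable directory; use 0700")
    if info.st_uid != os.getuid():
        findings.append(f"{path}: owned by uid {info.st_uid}, not the current user")
    try:
        if not isinstance(json.loads(path.read_text(encoding="utf-8")), dict):
            findings.append(f"{path}: JSON content is not an object")
    except (OSError, ValueError) as exc:
        findings.append(f"{path}: not readable as JSON ({type(exc).__name__})")
    return findings


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_CREDENTIAL_FILE
    problems = audit_credential_file(target)
    for line in problems:
        print("FINDING:", line)
    sys.exit(1 if problems else 0)
```

Run it with no argument to check the default path, or pass the same path you give to --credential_file; a non-zero exit status means at least one finding was printed.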
chronicle_cli --help
Execute the following command from the root directory:
python3 -m pytest --cov=./ --cov-report term-missing -vv
https://cloud.google.com/chronicle/docs/preview/cli-user-guide/cli-user-guide