Command line tool to interact with Google Security Operations' APIs.

Google Security Operations CLI allows customers to manage various operations that can be performed on Google Security Operations. This script provides a command line tool to interact with Feed, Parser, Forwarder and BigQuery APIs. It will gradually expand to cover other APIs.

Follow these instructions: https://cloud.google.com/python/setup

You may skip installing the Cloud Client Libraries and the Cloud SDK, they are unnecessary for interacting with Google Security Operations.

After creating and activating the virtual environment venv, clone the repository using following command:

git clone https://github.com/chronicle/cli.git

After cloning, switch directory to cli and install Python library dependencies by running this command:

cd cli
pip install -r requirements.txt

It is assumed that you're using Python 3.7 or above.

https://cloud.google.com/python/docs/setup

Go to root directory and execute following command:\

python3 -m pip install --editable .

Running the samples requires a JSON credentials file. By default, all the samples try to use the file chronicle_credentials.json from inside a hidden directory .chronicle_cli in the user's home directory. If this file is not found, you need to specify it explicitly by adding the following argument to the sample's command-line:

--credential_file <path>

chronicle_cli --help

Execute the following command from root directory:\

python3 -m pytest --cov=./ --cov-report term-missing -vv

https://cloud.google.com/chronicle/docs/preview/cli-user-guide/cli-user-guide