SecOps SDK

raw JSON →
0.43.0 verified Mon Apr 27 auth: no python

Python SDK for wrapping the Google SecOps API for common use cases. Version 0.43.0, MIT license, pre-1.0 rapid development with frequent breaking changes.

pip install secops

Common errors

error google.auth.exceptions.DefaultCredentialsError: Could not automatically determine credentials.
cause No service account JSON or ADC environment configured.
fix
Set SERVICE_ACCOUNT_JSON environment variable or run gcloud auth application-default login.
error AttributeError: 'SecOpsClient' object has no attribute 'query'
cause The query() method was removed in 0.42.0.
fix
Use client.search() instead of client.query().
error TypeError: 'generator' object is not subscriptable
cause search() returns a generator, not a list.
fix
Wrap call in list(): results = list(client.search(...))

Warnings

breaking The search() method now returns a generator instead of a list. Iterate or use list() explicitly.
fix Use list(results) if you need a list, or iterate directly.
gotcha Service account JSON must be the full key content, not a file path. Using a path will fail silently.
fix Read the file contents with open().read() before passing.
deprecated The 'query' parameter in client.query() is deprecated. Use search() instead.
fix Replace client.query(...) with client.search(...).

Imports

Quickstart

Create a client using service account JSON from environment variable, then run a basic search.

from secops import SecOpsClient
import os

client = SecOpsClient(service_account_json=os.environ.get('SERVICE_ACCOUNT_JSON', ''))
# Perform a search
results = client.search('SELECT * FROM events LIMIT 10')
print(results)
last verified Mon Apr 27
next check Sun Jul 26