chronicle / api-samples-python

Python samples and utilities for Chronicle APIs
https://chronicle.security
Apache License 2.0

search/ list structured query events 403 #115

Open sanderlegit opened 2 years ago

sanderlegit commented 2 years ago

I've run into an issue when trying to access the structured query events API. When called with valid credentials as follows:

    python -m search.list_structured_query_events -c "pathtocreds" -ts 2022-05-01T00:00:00Z -te 2022-05-02T00:00:00Z -rq ".*"

It returns:

    {
      "error": {
        "code": 403,
        "message": "The caller does not have permission",
        "status": "PERMISSION_DENIED"
      }
    }

I also cannot find any documentation for it. Does it only support UDM? And can logtype/source be filtered for?

goog-cmmartin commented 2 years ago

Hi @sanderlegit - this code sample is for the Structured Query API; however, the API is not generally available at this time, and hence the 403 error code being returned.