The response from some of the logs cause the following error:
str type expected (type=type_error.str)
events -> 96 -> userNames
str type expected (type=type_error.str)
and this is caused by the fact that userNames and userIds are lists not strings.
I temporarily patched this using this as audit_log model:
events: List[Dict[Optional[str], Union[Optional[str], Optional[list]]]] = Field(
None, description="A list of zero or more events matching the given criteria."
)
To replicate the issue have a "type$": "watchlist_definition.included_users_added" in your audit logs and try to pull them via the sdk.
When requesting Audit Logs (via the
audit_log.v1.iter_allcall) some of the logs return fail the validation of AuditEventsPage. The current Model is defined in: https://github.com/code42/incydr_python/blob/main/src/_incydr_sdk/audit_log/models.py#L41-L43The response from some of the logs cause the following error:
and this is caused by the fact that userNames and userIds are lists not strings.
I temporarily patched this using this as audit_log model:
To replicate the issue have a
"type$": "watchlist_definition.included_users_added"in your audit logs and try to pull them via the sdk.