Using the IDE

Supported in:

This document details the Integrated Development Environment (IDE) production mode. The IDE is a framework for viewing, editing, and testing code. It allows you to view the code of commercial integrations and to create custom integrations from scratch or by duplicating commercial integrations code.

In addition – this is the place to manage, import and export custom integrations.

To open the IDE, in the left navigation, navigate to Response > IDE. The IDE page is displayed.

The following options are available from the top left of the page:

Option Description
Integrations
Types		 Choose between Integrations or Types (connectors, actions, jobs and managers).
Export
Import		 Export either individual or multiple items from an integration. Note that dependent items will also be exported for individual items (but not for the package). The file will be in zip format with a JSON file.
Import either individual items into an existing integration or import an entire package. The package must contain an integrations.def file and the following folders: ActionsDefinitions, ActionsScripts, Dependencies, Managers.
Show or Hide disabled items (actions, connectors).
Can add a new custom integration, connector, action, job or manager to the list.

Add a connector

  1. Click Create New Item and select Connector. Enter a name and the required integration. Click Create.
  2. In the right of the page, add integration details.
  3. Add the required parameters.
  4. Toggle the button at the top to the green position to enable the job.
  5. Click Save when done, or press Ctrl + S.

The following options are available from the right of the page:

Option Description
Delete item The delete option is available for IDE items added to custom integrations only.
Runs the Test method of the script, which runs the selected script (action \ job \ connector).
The result of the script is shown in the Testing tab and the debug information (Python prints) is shown in Debug Output for debugging purposes.
This is the JSON Sample import/export dialog. Note that you need to enable "Include JSON Result" and then when using an action which returns JSON result, you can click on this icon and choose whether to import your own JSON sample, or export the current one in order to edit it.
Details In the details tab, you can provide the user supplied input as well as other parameters such as integration name.
Version Control - Select an action/job/connector and click to see the following options: Save as New Version - Click to save the object as a new version, add your comments, then click Save as. View Version History - Click to see the version history of the object in a tabular form. Click Restore to revert to any of the previous versions anytime. This is only available if you have clicked Save as New Version on an action/job/connector/manager previously.
Duplicate item Select a job/action/connector/manager and click the duplicate icon to create a copy of the job/action/manager. You can then edit this according to your needs. You will notice that after pressing Save this now appears in the list without the lock icon.

Create a custom integration

  1. Click Create New Item and select Integration. Enter a name and click Create.
  2. Click the wheel icon and add in the relevant information:
    1. Description of your integration. Note that this description will appear in the Google Security Operations Marketplace and will be visible to all Google SecOps users.
    2. SVG Icon. This will appear alongside the integration.
    3. Image of your integration. Note that this picture will appear in the Google SecOps Marketplace and will be visible to all Google SecOps users.
    4. Libraries. Can add a library and sub-libraries of scripts via Python PIP.
    5. Script dependencies – you can add scripts written in whl, py, tar, gz formats. These scripts will add more functionality to your integration.
    6. Parameters – you can add parameters or fields to your integration which need to be configured in the Google SecOps Marketplace. You can choose type of parameter, default value and whether or not to make it a mandatory field.
  3. Click Save when done.

Create a job

  1. Click Create New Item and select Job. Enter a name and the required integration. Click Create.
  2. Toggle the button at the top to the green position to enable the job.
  3. You can also add parameters which enables you to configure jobs to receive input from users or another script.
  4. Click Save on the top right of the page, or click Ctrl + S.
  5. Click the green arrow (Play Item) in order to run the script.
  6. Next, navigate to Response > Jobs Scheduler.
  7. Click add Create New Job and select the job that you just created.
  8. Choose the required time in the Scheduler to run the job (script) that you created.

Create a new action to be used in a playbook

  1. Click Create New Item and select Action. Enter a name and the required integration. Click Create.
  2. Edit the code as required.
  3. Make sure to enable Include JSON Result if you want the Action to return JSON results in the Playbook.
  4. If necessary, add parameters to be displayed as a drop down list.
  5. Make sure to enable the action and click Save at the top right of the page.
  6. In the right side of the page, under the heading Polling Configuration, you can choose to define the amount of time after which if the Action has not returned a result it times out. You can add a default value to be returned in the event of a timeout.
    The Action is now available for use in the Playbook > Actions.

Create a custom manager

  1. Click Create New Item and select Manager. Enter a name and the required integration. Click Create.
  2. Edit the code as required.
  3. Click Save.

Need more help? Get answers from Community members and Google SecOps professionals.