Good morning to you all,
Today I am trying to collect the alert center alerts from Google and create investigations out of the in IDR.
Part of the workflow will be indeed an API call to app.alerts; the script is working as expected outside of ICON, so that is okay. However when I translate the script into something that ICON python plugin is able to deal with I get into some issues around the loading of modules.
The first of my Py script looks like this:
def run(params={}):
from google_oauth2 import service_account
from googleapiclient_discovery import build
import requests
from datetime import datetime, timedelta
The error I am getting is in relation to google_oauth2 that the module is not install. I believe that this module falls under the general google-auth module (https://google-auth.readthedocs.io/en/master/reference/google.oauth2.service_account.html), so I added that in the “create connection” part when choosing the PY plugin.
This is the outcome of the test:
rapid7/Python 3 Script:4.0.7. Step name: run
[*] Performing Python version check...
Python 3.9.18
[*] Installing user-specified dependencies (['google-auth', 'google-api-python-client'])...
[*] Dependencies installed!
This is the outcome when running the test:
Traceback (most recent call last):
File "<string>", line 48, in <module>
File "<string>", line 7, in run
ModuleNotFoundError: No module named 'google_auth'
Any help or insight is much appreciated!