The "--all-logs" parameter is returning a 400 error

[renefigueroa1990]

I tried to use the "--all-logs" parameter, but it's returning a 400 error code:

` secops export create --gcs_bucket "projects/chronicle-yyyyyy-zzzzz/buckets/dummy-data-export-test" --all-logs --time-window 2
Warning: No log types are available for export in the specified time range.
You may need to adjust your time range or check your Chronicle instance configuration.
Creating export with --all-logs flag anyway...
Error: Failed to create data export: {
"error": {
"code": 400,
"message": "error in creating Data export",
"status": "INVALID_ARGUMENT",
"details": [
{
"@type": "type.googleapis.com/google.rpc.DebugInfo",
"detail": "[ORIGINAL ERROR] generic::invalid_argument: unrecognized log type [google.rpc.error_details_ext] { message: "error in creating Data export" }"
}
]
}
}

Possible solutions:

1. Verify the log type exists in your Chronicle instance
2. Try using 'secops export log-types' to see available log types
3. Check if your time range contains data for this log type
4. Make sure your GCS bucket is properly formatted as 'projects/PROJECT_ID/buckets/BUCKET_NAME'`

[renefigueroa1990]

We reviewed this closer and the issue was resolved after we enabled the new Data Export API feature in the SecOps instance.

The feature will be GA soon; in case you'd like to preview, please reach out to your account team and mention you'd like to preview the new Data Export API.