google · PaperMtn · Feb 27, 2026 · Feb 27, 2026 · Feb 27, 2026 · Feb 27, 2026
@@ -111,27 +111,43 @@
     search_log_types,
 )
 from secops.chronicle.models import (
+    AdvancedConfig,
     AlertCount,
     AlertState,
     Case,
     CaseList,
+    DailyScheduleDetails,
     DataExport,
     DataExportStage,
     DataExportStatus,
+    Date,
+    DayOfWeek,
     DetectionType,
+    DiffType,
     Entity,
     EntityMetadata,
     EntityMetrics,
     EntitySummary,
     FileMetadataAndProperties,
     InputInterval,
+    IntegrationJobInstanceParameter,
+    IntegrationParam,
+    IntegrationParamType,
+    IntegrationType,
     ListBasis,
+    MonthlyScheduleDetails,
+    OneTimeScheduleDetails,
     PrevalenceData,
+    PythonVersion,
+    ScheduleType,
     SoarPlatformInfo,
+    TargetMode,
     TileType,
     TimeInterval,
     Timeline,
     TimelineBucket,
+    TimeOfDay,
+    WeeklyScheduleDetails,
     WidgetMetadata,
 )
 from secops.chronicle.nl_search import translate_nl_to_udm
@@ -340,21 +356,31 @@
     "execute_query",
     "get_execute_query",
     # Models
+    "AdvancedConfig",
+    "AlertCount",
+    "AlertState",
+    "Case",
+    "CaseList",
+    "DailyScheduleDetails",
+    "Date",
+    "DayOfWeek",
     "Entity",
     "EntityMetadata",
     "EntityMetrics",
+    "EntitySummary",
+    "FileMetadataAndProperties",
+    "IntegrationJobInstanceParameter",
+    "MonthlyScheduleDetails",
+    "OneTimeScheduleDetails",
+    "PrevalenceData",
+    "ScheduleType",
+    "SoarPlatformInfo",
     "TimeInterval",
-    "TimelineBucket",
     "Timeline",
+    "TimelineBucket",
+    "TimeOfDay",
+    "WeeklyScheduleDetails",
     "WidgetMetadata",
-    "EntitySummary",
-    "AlertCount",
-    "AlertState",
-    "Case",
-    "SoarPlatformInfo",
-    "CaseList",
-    "PrevalenceData",
-    "FileMetadataAndProperties",
     "ValidationResult",
     "GeminiResponse",
     "Block",

@@ -182,6 +182,8 @@
     EntitySummary,
     InputInterval,
     TileType,
+    AlertState,
+    ListBasis,
 )
 from secops.chronicle.nl_search import nl_search as _nl_search
 from secops.chronicle.nl_search import translate_nl_to_udm
@@ -229,7 +231,6 @@
     update_reference_list as _update_reference_list,
 )
 
-# Import rule functions
 from secops.chronicle.rule import create_rule as _create_rule
 from secops.chronicle.rule import delete_rule as _delete_rule
 from secops.chronicle.rule import enable_rule as _enable_rule
@@ -287,7 +288,7 @@
     list_retrohunts as _list_retrohunts,
 )
 from secops.chronicle.rule_set import (
-    batch_update_curated_rule_set_deployments as _batch_update_curated_rule_set_deployments,  # pylint: disable=line-too-long
+    batch_update_curated_rule_set_deployments as _batch_update_curated_rule_set_deployments, #pylint: disable=line-too-long
 )
 from secops.chronicle.rule_set import get_curated_rule as _get_curated_rule
 from secops.chronicle.rule_set import (
@@ -303,7 +304,7 @@
     get_curated_rule_set_deployment as _get_curated_rule_set_deployment,
 )
 from secops.chronicle.rule_set import (
-    get_curated_rule_set_deployment_by_name as _get_curated_rule_set_deployment_by_name,  # pylint: disable=line-too-long
+    get_curated_rule_set_deployment_by_name as _get_curated_rule_set_deployment_by_name, #pylint: disable=line-too-long
 )
 from secops.chronicle.rule_set import (
     list_curated_rule_set_categories as _list_curated_rule_set_categories,
@@ -333,7 +334,6 @@
     generate_udm_key_value_mappings as _generate_udm_key_value_mappings,
 )
 
-# Import functions from the new modules
 from secops.chronicle.udm_search import (
     fetch_udm_search_csv as _fetch_udm_search_csv,
 )
@@ -356,6 +356,10 @@
     trigger_github_checks as _trigger_github_checks,
 )
 from secops.exceptions import SecOpsError
+from secops.chronicle.soar import SOARService
+
+
+# pylint: enable=line-too-long
 
 
 class ValueType(Enum):
@@ -518,6 +522,7 @@ def __init__(
         self.default_api_version = APIVersion(default_api_version)
         self._default_forwarder_display_name: str = "Wrapper-SDK-Forwarder"
         self._cached_default_forwarder_id: str | None = None
+        self.soar = SOARService(self)
 
         # Format the instance ID to match the expected format
         if region in ["dev", "staging"]: