google
diff --git a/‎CHANGELOG.md‎
Lines changed: 16 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎CLI.md‎
Lines changed: 37 additions & 1 deletion b/‎CLI.md‎
Lines changed: 37 additions & 1 deletion
diff --git a/‎README.md‎
Lines changed: 46 additions & 10 deletions b/‎README.md‎
Lines changed: 46 additions & 10 deletions
diff --git a/‎pyproject.toml‎
Lines changed: 1 addition & 1 deletion b/‎pyproject.toml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎requirements.txt‎
Lines changed: 1 addition & 0 deletions b/‎requirements.txt‎
Lines changed: 1 addition & 0 deletions
@@ -6,6 +6,22 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 
+
+## [0.34.0] - 2026-01-12
+### Added
+- `as_list` parameter for paginated list methods to streamline API requests and automatically fetch all pages
+  - Supported methods: `list_watchlists`, `list_curated_rules`, `list_curated_rule_sets`, `list_curated_rule_set_categories`, `list_curated_rule_set_deployments`, `list_featured_content_rules`
+- CLI `--as-list` flag for corresponding list commands
+
+### Updated
+- Refactored modules to use centralized `chronicle_request` helper function for improved code consistency and maintainability
+  - Watchlist (`watchlist.py`)
+  - Curated rule set (`rule_set.py`)
+  - Investigation (`investigations.py`)
+  - UDM mapping (`udm_mapping.py`)
+  - UDM search (`udm_search.py`)
+  - Validation (`validate.py`)
+
 ## [0.33.0] - 2026-01-07
 ### Added
 - Support for following investigation methods:
 
@@ -676,9 +676,12 @@ secops parser-extension delete --log-type OKTA --id "1234567890"
 List watchlists:
 
 ```bash
-# List all watchlists
+# List all watchlists (returns dict with pagination metadata)
 secops watchlist list
 
+# List watchlists as a direct list (fetches all pages automatically)
+secops watchlist list --as-list
+
 # List watchlist with pagination 
 secops watchlist list --page-size 50
 ```
@@ -829,10 +832,17 @@ The `rule test` command outputs UDM events as pure JSON objects that can be pipe
 ### Curated Rule Set Management
 
 List all curated rules:
+
 ```bash
+# List all curated rules (returns dict with pagination metadata)
 secops curated-rule rule list
+
+# List curated rules as a direct list
+secops curated-rule rule list --as-list
 ```
+
 Get curated rules:
+
 ```bash
 # Get rule by UUID
 secops curated-rule rule get --id "ur_ttp_GCP_ServiceAPIDisable"
@@ -842,6 +852,7 @@ secops curated-rule rule get --name "GCP Service API Disable"
 ```
 
 Search for curated rule detections:
+
 ```bash
 secops curated-rule search-detections \
   --rule-id "ur_ttp_GCP_MassSecretDeletion" \
@@ -861,33 +872,54 @@ secops curated-rule search-detections \
 ```
 
 List all curated rule sets:
+
 ```bash
+# List all curated rule sets (returns dict with pagination metadata)
 secops curated-rule rule-set list
+
+# List curated rule sets as a direct list
+secops curated-rule rule-set list --as-list
 ```
 
 Get specific curated rule set details:
+
 ```bash
 # Get curated rule set by UUID
 secops curated-rule rule-set get --id "f5533b66-9327-9880-93e6-75a738ac2345"
+
+# Get curated rule set by name
+secops curated-rule rule-set get --name "Active Breach Priority Host Indicators"
 ```
 
 List all curated rule set categories:
+
 ```bash
+# List all curated rule set categories (returns dict with pagination metadata)
 secops curated-rule rule-set-category list
+
+# List curated rule set categories as a direct list
+secops curated-rule rule-set-category list --as-list
 ```
 
 Get specific curated rule set category details:
+
 ```bash
 # Get curated rule set category by UUID
 secops curated-rule rule-set-category get --id "db1114d4-569b-5f5d-0fb4-f65aaa766c92"
 ```
 
 List all curated rule set deployments:
+
 ```bash
+# List all curated rule set deployments (returns dict with pagination metadata)
 secops curated-rule rule-set-deployment list
+
+# List curated rule set deployments as a direct list
+secops curated-rule rule-set-deployment list --as-list
 ```
 
 Get specific curated rule set deployment details:
+
 ```bash
 # Get curated rule set deployment by UUID
 secops curated-rule rule-set-deployment get --id "f5533b66-9327-9880-93e6-75a738ac2345"
@@ -1308,7 +1340,11 @@ Featured content rules are pre-built detection rules available in the Chronicle
 #### List all featured content rules:
 
 ```bash
+# List all featured content rules (returns dict with pagination metadata)
 secops featured-content-rules list
+
+# List featured content rules as a direct list
+secops featured-content-rules list --as-list
 ```
 
 #### List with pagination:
 
@@ -1854,7 +1854,15 @@ watchlist = chronicle.get_watchlist("acb-123-def")
 List all watchlists:
 
 ```python
+# List watchlists (returns dict with pagination metadata)
 watchlists = chronicle.list_watchlists()
+for watchlist in watchlists.get("watchlists", []):
+    print(f"Watchlist: {watchlist.get('displayName')}")
+
+# List watchlists as a direct list (automatically fetches all pages)
+watchlists = chronicle.list_watchlists(as_list=True)
+for watchlist in watchlists:
+    print(f"Watchlist: {watchlist.get('displayName')}")
 ```
 
 ## Rule Management
@@ -2164,14 +2172,21 @@ If `tooManyAlerts` is True in the response, consider narrowing your search crite
 Query curated rules:
 
 ```python
-# List all curated rules
-rules = chronicle.list_curated_rules()
-for rule in rules:
+# List all curated rules (returns dict with pagination metadata)
+result = chronicle.list_curated_rules()
+for rule in result.get("curatedRules", []):
     rule_id = rule.get("name", "").split("/")[-1]
     display_name = rule.get("description")
     description = rule.get("description")
     print(f"Rule: {display_name}, Description: {description}")
 
+# List all curated rules as a direct list
+rules = chronicle.list_curated_rules(as_list=True)
+for rule in rules:
+    rule_id = rule.get("name", "").split("/")[-1]
+    display_name = rule.get("description")
+    print(f"Rule: {display_name}")
+
 # Get a curated rule
 rule = chronicle.get_curated_rule("ur_ttp_lol_Atbroker")
 
@@ -2218,8 +2233,15 @@ if "nextPageToken" in result:
 Query curated rule sets:
 
 ```python
-# List all curated rule sets
-rule_sets = chronicle.list_curated_rule_sets()
+# List all curated rule sets (returns dict with pagination metadata)
+result = chronicle.list_curated_rule_sets()
+for rule_set in result.get("curatedRuleSets", []):
+    rule_set_id = rule_set.get("name", "").split("/")[-1]
+    display_name = rule_set.get("displayName")
+    print(f"Rule Set: {display_name}, ID: {rule_set_id}")
+
+# List all curated rule sets as a direct list
+rule_sets = chronicle.list_curated_rule_sets(as_list=True)
 for rule_set in rule_sets:
     rule_set_id = rule_set.get("name", "").split("/")[-1]
     display_name = rule_set.get("displayName")
@@ -2232,8 +2254,15 @@ rule_set = chronicle.get_curated_rule_set("00ad672e-ebb3-0dd1-2a4d-99bd7c5e5f93"
 Query curated rule set categories:
 
 ```python
-# List all curated rule set categories
-rule_set_categories = chronicle.list_curated_rule_set_categories()
+# List all curated rule set categories (returns dict with pagination metadata)
+result = chronicle.list_curated_rule_set_categories()
+for rule_set_category in result.get("curatedRuleSetCategories", []):
+    rule_set_category_id = rule_set_category.get("name", "").split("/")[-1]
+    display_name = rule_set_category.get("displayName")
+    print(f"Rule Set Category: {display_name}, ID: {rule_set_category_id}")
+
+# List all curated rule set categories as a direct list
+rule_set_categories = chronicle.list_curated_rule_set_categories(as_list=True)
 for rule_set_category in rule_set_categories:
     rule_set_category_id = rule_set_category.get("name", "").split("/")[-1]
     display_name = rule_set_category.get("displayName")
@@ -2246,9 +2275,9 @@ rule_set_category = chronicle.get_curated_rule_set_category("110fa43d-7165-2355-
 Manage curated rule set deployments (turn alerting on or off (either precise or broad) for curated rule sets):
 
 ```python
-# List all curated rule set deployments
-rule_set_deployments = chronicle.list_curated_rule_set_deployments()
-for rs_deployment in rule_set_deployments:
+# List all curated rule set deployments (returns dict with pagination metadata)
+result = chronicle.list_curated_rule_set_deployments()
+for rs_deployment in result.get("curatedRuleSetDeployments", []):
     rule_set_id = rs_deployment.get("name", "").split("/")[-3]
     category_id = rs_deployment.get("name", "").split("/")[-5]
     deployment_status = rs_deployment.get("name", "").split("/")[-1]
@@ -2262,6 +2291,13 @@ for rs_deployment in rule_set_deployments:
         f"Alerting: {alerting}",
     )
 
+# List all curated rule set deployments as a direct list
+rule_set_deployments = chronicle.list_curated_rule_set_deployments(as_list=True)
+for rs_deployment in rule_set_deployments:
+    rule_set_id = rs_deployment.get("name", "").split("/")[-3]
+    display_name = rs_deployment.get("displayName")
+    print(f"Rule Set: {display_name}, ID: {rule_set_id}")
+
 # Get curated rule set deployment by ID
 rule_set_deployment = chronicle.get_curated_rule_set_deployment("00ad672e-ebb3-0dd1-2a4d-99bd7c5e5f93")
 
 
@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "secops"
-version = "0.33.0"
+version = "0.34.0"
 description = "Python SDK for wrapping the Google SecOps API for common use cases"
 readme = "README.md"
 requires-python = ">=3.10"
 
@@ -8,3 +8,4 @@ protobuf
 pylint
 twine
 python-dotenv
+requests