Google SecOps Deprecates Legacy Data Export API and Related Endpoints Effective June 18

Google Cloud Security Operations (Chronicle) has shut down several legacy and older API components effective June 18, 2026, following deprecation notices issued May 18.

The changes target the data export and log type discovery functionality.

Deprecated Features (Shutdown June 18, 2026)

• Legacy Data Export API — Fully deprecated in favor of the enhanced Data Export API. Google states the move is intended to deliver a more secure and scalable data archival experience.

• fetchavailablelogtypes API endpoint — Deprecated in favor of the list endpoint.
• updateDataExport endpoint (within the enhanced Data Export API) — Deprecated because reduced job queue times in the enhanced API eliminated the need for update functionality. Customers can still cancel queued export jobs.

• logType field (in the enhanced Data Export API) — Deprecated in favor of the new optional includeLogTypes field. The new field supports an array of log types for filtering. If left blank, the export job includes all log types by default.

All four items reached end-of-life today.

Actions to Take

• Chronicle / Google SecOps customers using data exports: Immediately switch any remaining Legacy Data Export API calls to the enhanced Data Export API. The legacy version is no longer available as of today.

• Teams relying on log type discovery: Replace fetchavailablelogtypes calls with the supported list endpoint before any scripts or integrations break.

• Users of the enhanced Data Export API: Audit any code that still references the updateDataExport endpoint or the deprecated logType field. Update to the includeLogTypes array field where filtering by specific log types is required.

• Security and compliance teams with long-running export jobs: Verify that all active or scheduled exports are using the enhanced API path. Test cancellation workflows for queued jobs, as that remains supported.

• Automation and SOAR/playbook owners: Review any Chronicle integrations that touch data export or log type enumeration. Prioritize updates in the next sprint, as these changes are now live and non-functional.

These deprecations are part of Google’s ongoing effort to consolidate on more modern, scalable, and secure API surfaces within Security Operations. Organizations still running on the legacy paths lost access today.