Home
Reference
Find details on the SPL language, toolkits, APIs, commands, and more.
Toolkits
A toolkit is a set of SPL artifacts, which are organized into a package. Toolkits make SPL or native functions and primitive or composite operators reusable across different applications.
Toolkits
Toolkit com.teracloud.streams.cybersecurity 5.0.0
Operators: com.teracloud.streams.cybersecurity 5.0.0

Welcome
Learn about the core capabilities of Teracloud® Streams, its architecture, and key concepts.
Installing
Use this information to install, upgrade, and uninstall the Teracloud® Streams product.
Configuring
Create a basic or an enterprise domain which is a single point for configuring and managing common resources, security, and instances.
Administering
Administer the product by using the Teracloud® Streams graphical user interface, APIs, or the streamtool command-line interface.
Developing
Develop stream applications with the Streams Processing Language (SPL), Java, and Python.
Troubleshooting
Resolve problems with Teracloud® Streams using the troubleshooting tools provided with the product as well as the resources offered by Teracloud Support.
Reference
Find details on the SPL language, toolkits, APIs, commands, and more.
- APIs
  Application programming interfaces (APIs) provide functions that simplify applications development.
- Job configuration overlays
  You can specify or change configuration parameters when you use the submitjob or updateoperators operations. The settings control submission constraints, host constraints and locations, and operator status. Parameters are captured and updated in the configuration JSON file. When you change the values in the job configuration overlay file, the changes override any previously set values.
- Commands
  Teracloud® Streams provides a number of commands you use to perform tasks.
- Operator model
  An operator model is an XML document that describes the basic properties of a primitive operator.
- Streams Processing Language (SPL)
  Streams Processing Language (SPL) is a distributed data flow composition language that is used in Teracloud® Streams. SPL has primitive types, program structures, and definitions that are tailored for streaming data.
- Toolkits
  A toolkit is a set of SPL artifacts, which are organized into a package. Toolkits make SPL or native functions and primitive or composite operators reusable across different applications.
  - Specialized toolkit requirements and restrictions
    Several of the specialized toolkits require RPMs that are not required by the Teracloud® Streams product. There are also toolkit restrictions on some platforms.
  - Toolkits
- SPLDOC markup
  You can use SPLDOC markup in the descriptions associated with the SPL artifacts in a toolkit. The spl-make-doc command generates HTML documentation from the marked up artifacts.
Glossary
Use this glossary to find terms and definitions for Teracloud® Streams.

Operators: com.teracloud.streams.cybersecurity 5.0.0

Operators

BWListTagger: The BWListTagger operator loads lists of domains and IP addresses into a lookup table.
DNSTunneling: The DNSTunneling operator analyzes DNS response traffic and reports suspicious behaviour that may indicate the presence of DNS tunneling in the network.
DomainProfiling: The DomainProfiling operator analyzes DNS response traffic and reports whether or not the behaviour of the domain is suspicious.
HostProfiling: The HostProfiling operator analyzes DNS response traffic and reports whether or not the behaviour of the hosts are suspicious.
PredictiveBlocklisting: The PredictiveBlocklisting operator analyzes the feature vector produced by the PredictiveBlocklistingFE operator using an SPSS model.
PredictiveBlocklistingFE: The PredictiveBlocklistingFE operator ingests DNS response traffic and outputs a feature vector that is used by the PredictiveBlocklisting operator.
QRadarSink: This operator allows Streams applications to send syslog messages to a QRadar host.