Home
Reference
Find details on the SPL language, toolkits, APIs, commands, and more.
Toolkits
A toolkit is a set of SPL artifacts, which are organized into a package. Toolkits make SPL or native functions and primitive or composite operators reusable across different applications.
Toolkits
Toolkit com.teracloud.streams.cybersecurity 5.0.0
Namespace com.teracloud.streams.cybersecurity.analytics
SPL File PredictiveBlocklisting.spl

Welcome
Learn about the core capabilities of Teracloud® Streams, its architecture, and key concepts.
Installing
Use this information to install, upgrade, and uninstall the Teracloud® Streams product.
Configuring
Create a basic or an enterprise domain which is a single point for configuring and managing common resources, security, and instances.
Administering
Administer the product by using the Teracloud® Streams graphical user interface, APIs, or the streamtool command-line interface.
Developing
Develop stream applications with the Streams Processing Language (SPL), Java, and Python.
Troubleshooting
Resolve problems with Teracloud® Streams using the troubleshooting tools provided with the product as well as the resources offered by Teracloud Support.
Reference
Find details on the SPL language, toolkits, APIs, commands, and more.
- APIs
  Application programming interfaces (APIs) provide functions that simplify applications development.
- Job configuration overlays
  You can specify or change configuration parameters when you use the submitjob or updateoperators operations. The settings control submission constraints, host constraints and locations, and operator status. Parameters are captured and updated in the configuration JSON file. When you change the values in the job configuration overlay file, the changes override any previously set values.
- Commands
  Teracloud® Streams provides a number of commands you use to perform tasks.
- Operator model
  An operator model is an XML document that describes the basic properties of a primitive operator.
- Streams Processing Language (SPL)
  Streams Processing Language (SPL) is a distributed data flow composition language that is used in Teracloud® Streams. SPL has primitive types, program structures, and definitions that are tailored for streaming data.
- Toolkits
  A toolkit is a set of SPL artifacts, which are organized into a package. Toolkits make SPL or native functions and primitive or composite operators reusable across different applications.
  - Specialized toolkit requirements and restrictions
    Several of the specialized toolkits require RPMs that are not required by the Teracloud® Streams product. There are also toolkit restrictions on some platforms.
  - Toolkits
- SPLDOC markup
  You can use SPLDOC markup in the descriptions associated with the SPL artifacts in a toolkit. The spl-make-doc command generates HTML documentation from the marked up artifacts.
Glossary
Use this glossary to find terms and definitions for Teracloud® Streams.

SPL File PredictiveBlocklisting.spl

Content

Operators

PredictiveBlocklisting: The PredictiveBlocklisting operator analyzes the feature vector produced by the PredictiveBlocklistingFE operator using an SPSS model.

Composites

composite PredictiveBlocklisting(output PredictiveBlocklistingResults; input PredictiveBlocklistingInput, SPSSModelFileNames)

The PredictiveBlocklisting operator analyzes the feature vector produced by the PredictiveBlocklistingFE operator using an SPSS model. The model predicts whether a domain should be blocklisted. For each feature vector analyzed, the operator submits a tuple predicting whether the domain is "supicious" or "benign".

Input Ports This operator contains 2 input ports.

Parameters

pimfile: Specifies the absolute path of the SPSS pim file.
parfile: Specifies the absolute path of the SPSS par file.
xmlfile: Specifies the absolute path of the SPSS xml file.

Input Ports

PredictiveBlocklistingInput: Input port 0 ingests tuples containing the feature vector produced by the PredictiveBlocklistingFE operator. For convenience, the com.teracloud.streams.cybersecurity.types::PredictiveBlocklisting_t type can be used as the input tuple type for this operator.
SPSSModelFileNames: Input port 1 is a control port that allows for dynamically updating the SPSS model. This port ingests a tuple containing an attribute of type "rstring". Typically this port is connected to an upstream DirectoryScan that scans a directory for updated SPSS model files. Output Ports This operator contains 1 output port.

Output Ports

PredictiveBlocklistingResults: Output port 0 submits a tuple for each feature vector analyzed. This operator expects that the output tuple type be the same as the input tuple type, and that this type contains two rstring attributes called "predictedClass" and "confidence. The operator will populate the "predictedClass" and "confidence" attributes with the results of the SPSS model. Therefore, the com.teracloud.streams.cybersecurity.types::PredictiveBlocklisting_t type can be used as the output tuple type.